How to shut down firewall
I have a standard install running SUSE 7.1 on PC hardware. It uses a 56k modem to talk to Earthlink via ppp. I believe it has firewall running since (1) I can see a couple of messages about "personal-firewall" go by during the boot sequence and (2) if I try to telnet or ssh into the box from the internet, I see messages in /var/log/messages about the connect being rejected. I would like to temporarily disable enough of the protection to allow incoming ssh, telnet, and ftp connections. I tried modifying settings in /etc/rc.config.d/firewall.rc.config to allow the desired services, but to no apparent effect. I then tried to disable the firewall completely but found that my rc.config already had the line START_FW ="no" and yet some firewall clearly is running. Any pointers to definitive docs on the SUSE 7.1 firewall setup? I don't seem to be able to figure out what I need from the printed manuals. Haben Sie viel Spa� Steve Collins __________________________________________________ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail http://personal.mail.yahoo.com/
Steve, The personal-firewall messages come up whether or not its active. Check to make sure that either xinetd or inetd has started, this could be issue. I believe you can check with an ssh localhost and see if it rejects you. Matt -- "Wonder when someone breeds a Norn that learns to bite the hand that feeds him" On Fri, 29 Jun 2001, Steve Collins wrote:
I have a standard install running SUSE 7.1 on PC hardware. It uses a 56k modem to talk to Earthlink via ppp.
I believe it has firewall running since (1) I can see a couple of messages about "personal-firewall" go by during the boot sequence and (2) if I try to telnet or ssh into the box from the internet, I see messages in /var/log/messages about the connect being rejected.
I would like to temporarily disable enough of the protection to allow incoming ssh, telnet, and ftp connections.
I tried modifying settings in /etc/rc.config.d/firewall.rc.config to allow the desired services, but to no apparent effect.
I then tried to disable the firewall completely but found that my rc.config already had the line START_FW ="no" and yet some firewall clearly is running.
Any pointers to definitive docs on the SUSE 7.1 firewall setup? I don't seem to be able to figure out what I need from the printed manuals.
Haben Sie viel Spa�
Steve Collins
__________________________________________________ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail http://personal.mail.yahoo.com/
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
I have a standard install running SUSE 7.1 on PC hardware. It uses a 56k modem to talk to Earthlink via ppp.
I believe it has firewall running since (1) I can see a couple of messages about "personal-firewall" go by during the boot sequence and (2) if I try to telnet or ssh into the box from the internet, I see messages in /var/log/messages about the connect being rejected.
I would like to temporarily disable enough of the protection to allow incoming ssh, telnet, and ftp connections.
I tried modifying settings in /etc/rc.config.d/firewall.rc.config to allow the desired services, but to no apparent effect.
You confuse the SuSEpersonal-firewall with the SuSEfirewall. Both can run at the same time without any interaction. To turn off the personal-firewall, edit /etc/rc.config.d/security.rc.config to read REJECT_ALL_INCOMING_CONNECTIONS="no" and execute /sbin/SuSEpersonal-firewall. Your rules should be gone by then. Another alternative is to insert ipchains commands below the line chain_lock unlock quite near the bottom of the /sbin/SuSEpersonal-firewall script. Use the -I (insert) directive of ipchains to move the rules to the top of the incoming chain. In SuSEpersonal-firewall, only the incoming chain is fed with a single rule, uniquely for the SuSEpersonal-firewall to not confuse other setups.
I then tried to disable the firewall completely but found that my rc.config already had the line START_FW ="no" and yet some firewall clearly is running.
Any pointers to definitive docs on the SUSE 7.1 firewall setup? I don't seem to be able to figure out what I need from the printed manuals.
Haben Sie viel Spaß
yes, yes, I know... :-/
Steve Collins
Thanks, Roman. -- - - | Roman Drahtmüller <draht@suse.de> // "Caution: Cape does | SuSE GmbH - Security Phone: // not enable user to fly." | Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) | - -
participants (3)
-
Roman Drahtmueller -
StarTux -
Steve Collins