Simple question, I'd like to have several internal ethernet devices on my box, and allow routing between them, as well as have them all talk to the outside interface. Detail: Currently SuSEFirewall2 works well with one external port (eth0) and one internal (eth1). I'd like to add eth2 as an internal interfaces as well. (To a wireless hub). I want forwarding between eth1 and eth2. The YaST setup allows putting in "internal interfaces", but doesn't say how to separate them, nor how they are handled. Any suggestions? Paul Alfille
Paul Alfille wrote:
The YaST setup allows putting in "internal interfaces", but doesn't say how to separate them, nor how they are handled.
Any suggestions?
Launch an editor and open /etc/sysconfig/SuSEfirewall2. You'll find this: # Choice: leave empty or any number of devices, seperated by a space # e.g. "tr0", "eth0 eth1 eth1:1" or "" # FW_DEV_INT="" Peter
Thank you, Peter. This is very helpful! By the way, can I then do any firewall control between the internal devices, or is that beyond the scope of SuSEFirewall2? On Tuesday 11 March 2003 12:38, Peter Wiersig wrote:
Paul Alfille wrote:
The YaST setup allows putting in "internal interfaces", but doesn't say how to separate them, nor how they are handled.
Any suggestions?
Launch an editor and open /etc/sysconfig/SuSEfirewall2. You'll find this:
# Choice: leave empty or any number of devices, seperated by a space # e.g. "tr0", "eth0 eth1 eth1:1" or "" # FW_DEV_INT=""
Peter
Paul Alfille wrote:
By the way, can I then do any firewall control between the internal devices, or is that beyond the scope of SuSEFirewall2?
It's outside the scope of SFW2s variables, but you're free to use /etc/sysconfig/scripts/SuSEfirewall2-custom See FW_CUSTOMRULES Peter
Hi all, Last night my SuSE 8.0 server went down (freezed). The only service available to the internet is www (tcp/80) and dns (udp/53), so today I've been checking the logs but found nothing, no errors, no strange lines, it was like someone pulled the electricity cable. Is there any place other than /var/log where I could check what really happened? Pedro
Pedro Marques wrote:
Hi all,
Last night my SuSE 8.0 server went down (freezed).
The only service available to the internet is www (tcp/80) and dns (udp/53), so today I've been checking the logs but found nothing, no errors, no strange lines, it was like someone pulled the electricity cable.
Did it freeze or did it shutdown?
Is there any place other than /var/log where I could check what really happened?
First thing that comes to my mind is: could you have run out of disk space? df -h HTH -- rafa@artenet-cb.es http://www.suse.de/es rafael.griman@hispalinux.es http://www.suse.com registered Linux user 286102 http://counter.li.org/ Only those who attempt the absurd can achieve the impossible.
It has plenty of disk free. The server was freezed and I couldn't login neither local or remote. There were no activity on the ethernet card/switch. Since I found nothing relevant in apache and bind logs, maybe it was an hardware failure (maybe memory?) is it possible? Thnx Pedro ----- Original Message ----- From: "Rafael Grimán" <rafa@artenet-cb.es> To: <suse-security@suse.com> Sent: Wednesday, March 12, 2003 11:34 AM Subject: Re: [suse-security] Looking for logs
Pedro Marques wrote:
Hi all,
Last night my SuSE 8.0 server went down (freezed).
The only service available to the internet is www (tcp/80) and dns (udp/53), so today I've been checking the logs but found nothing, no errors, no strange lines, it was like someone pulled the electricity cable.
Did it freeze or did it shutdown?
Is there any place other than /var/log where I could check what really happened?
First thing that comes to my mind is: could you have run out of disk space?
df -h
HTH
-- rafa@artenet-cb.es http://www.suse.de/es rafael.griman@hispalinux.es http://www.suse.com registered Linux user 286102 http://counter.li.org/
Only those who attempt the absurd can achieve the impossible.
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
Hi :) Pedro Marques wrote:
It has plenty of disk free. The server was freezed and I couldn't login neither local or remote. There were no activity on the ethernet card/switch.
Since I found nothing relevant in apache and bind logs, maybe it was an hardware failure (maybe memory?) is it possible?
Probably, or a lock up due to filesystem problems. What filesystems do you have. I've had quite a lot of problems with reiserfs and jfs (from what I've seen on other lists, many peoplo too). When you rebooted the machine, did it fsck any partition? Any core dumps? You say it only has DNS and Web services available to the Internet, what about to your own LAN?
----- Original Message -----
Pedro Marques wrote:
Hi all,
Last night my SuSE 8.0 server went down (freezed).
The only service available to the internet is www (tcp/80) and dns (udp/53),
so today I've been checking the logs but found nothing, no errors, no strange lines, it was like someone pulled the electricity cable.
Did it freeze or did it shutdown?
Is there any place other than /var/log where I could check what really happened?
First thing that comes to my mind is: could you have run out of disk space?
df -h
HTH
-- rafa@artenet-cb.es http://www.suse.de/es rafael.griman@hispalinux.es http://www.suse.com registered Linux user 286102 http://counter.li.org/ Only those who attempt the absurd can achieve the impossible.
Hi :) Pedro Marques wrote:
[...]
Since I found nothing relevant in apache and bind logs, maybe it was an hardware failure (maybe memory?) is it possible?
Forgot to ask: have you checked your servers memory with memcheck? What about heating problems? How long has it been running without problems? Have you recompiled any program, kernel, ... or tweaked anything via /proc? What hardware do you run your server on? [Insert here any other question of the sort ] ;) -- rafa@artenet-cb.es http://www.suse.de/es rafael.griman@hispalinux.es http://www.suse.com registered Linux user 286102 http://counter.li.org/ Only those who attempt the absurd can achieve the impossible.
participants (4)
-
Paul Alfille -
Pedro Marques -
Peter Wiersig -
Rafael Grimán