-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I recently installed SuSE 8.1 with SuSEFirewall2 using YAST2. I am using a ISDN dialup connction and have a second PC connected via eth0. When the firewall is up, nothing seems to work, ping etc. fails. Here is a part of the syslog from /var/log/messages (195.226.96.132 is the address of the DNS of my provider) - ----schnipp-------- Oct 24 19:55:15 gandalf kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT=MAC= SRC=195.226.96.132 DST=195.226.102.216 LEN=118 TOS=0x00 PREC=0x00 TTL=252ID=36333 DF PROTO=UDP SPT=53 DPT=1146 LEN=98 Oct 24 19:55:15 gandalf kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT=MAC= SRC=195.226.96.132 DST=195.226.102.216 LEN=124 TOS=0x00 PREC=0x00 TTL=252ID=36334 DF PROTO=UDP SPT=53 DPT=1147 LEN=104 - ----schnipp-------- Here are the settings of the SuSEfirewall2 config. file. I don't use any other services except for samba to grant access to the other (win98) PC FW_QUICKMODE="no" FW_DEV_EXT="ippp0" FW_DEV_INT="eth0" FW_DEV_DMZ="" FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_DEV="$FW_DEV_EXT" FW_MASQ_NETS="0/0" FW_PROTECT_FROM_INTERNAL="no" FW_AUTOPROTECT_SERVICES="no" FW_SERVICES_EXT_TCP="" FW_SERVICES_EXT_UDP="" FW_SERVICES_EXT_IP="" FW_SERVICES_DMZ_TCP="" FW_SERVICES_DMZ_UDP="" FW_SERVICES_DMZ_IP="" FW_SERVICES_INT_TCP="" FW_SERVICES_INT_UDP="" FW_SERVICES_INT_IP="" FW_SERVICES_QUICK_TCP="" FW_SERVICES_QUICK_UDP="" FW_SERVICES_QUICK_IP="" FW_TRUSTED_NETS="" FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes" FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes" FW_SERVICE_AUTODETECT="yes" FW_SERVICE_DNS="no" FW_SERVICE_DHCLIENT="ext" FW_SERVICE_DHCPD="no" FW_SERVICE_SQUID="no" FW_SERVICE_SAMBA="yes" FW_FORWARD="" FW_FORWARD_MASQ="" FW_REDIRECT="" FW_LOG_DROP_CRIT="yes" FW_LOG_DROP_ALL="no" FW_LOG_ACCEPT_CRIT="yes" FW_LOG_ACCEPT_ALL="no" FW_LOG="--log-level warning --log-tcp-options --log-ip-option - --log-prefix SuSE-FW" FW_KERNEL_SECURITY="yes" FW_STOP_KEEP_ROUTING_STATE="YES" FW_ALLOW_PING_FW="yes" FW_ALLOW_PING_DMZ="no" FW_ALLOW_PING_EXT="yes" FW_ALLOW_FW_TRACEROUTE="yes" FW_ALLOW_FW_SOURCEQUENCH="yes" FW_ALLOW_FW_BROADCAST="no" FW_IGNORE_FW_BROADCAST="yes" FW_ALLOW_CLASS_ROUTING="yes" FW_CUSTOMRULES="" FW_REJECT="no" I think it's no big problem, maybe I'm just too blind to see the right setting in the list above. So I'd like to have the list take a look. Thanks a lot Andreas ahallstein@tesionmail.de -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9uWMe5RlbrxDjpvMRApXKAJ90ee2nK21WJnCOrqeM87+VMakqlACgvgW+ YLYed1CsB1NgJVcit9X1xKI= =pp37 -----END PGP SIGNATURE-----