I have a Suse 8.1 install. All of my addresses are public. The Suse machine is the firewall and behind a router. The problem seems to be that the Suse machine will not forward packets. It can talk to the router and to the local network but nothing crosses over. /proc/sys/net/ipv4/ip_forward is 1 I have tried this two ways. SuSEfirewall2 following ll prompts to attempt to setup an OPEN forwarding bridge (to test) and also with rules in place. Neither seem to work. I also installed firewall builder and tried to setup a routing firewall with that. I have been building firewalls in RedHat for a couple of years and have never tried to do this in SUSE and am quite stuck. There is a good deal of inertia regarding staying with SUSE so I would appreciate any suggestions you can make short of reverting to Redhat. Thanks! -- -Paul Dorn http://www.HelpdeskGenius.com Call for Linux support today: 866-365-7401
Why not try a different program like Shorewall just take a look it may help you. www.shorewall.net Ian On Tuesday 11 February 2003 17:55, Paul Dorn wrote:
I have a Suse 8.1 install. All of my addresses are public. The Suse machine is the firewall and behind a router.
The problem seems to be that the Suse machine will not forward packets. It can talk to the router and to the local network but nothing crosses over. /proc/sys/net/ipv4/ip_forward is 1 I have tried this two ways. SuSEfirewall2 following ll prompts to attempt to setup an OPEN forwarding bridge (to test) and also with rules in place. Neither seem to work. I also installed firewall builder and tried to setup a routing firewall with that. I have been building firewalls in RedHat for a couple of years and have never tried to do this in SUSE and am quite stuck. There is a good deal of inertia regarding staying with SUSE so I would appreciate any suggestions you can make short of reverting to Redhat. Thanks!
On Tue, 11 Feb 2003, Paul Dorn wrote:
I have a Suse 8.1 install. All of my addresses are public. The Suse machine is the firewall and behind a router.
The problem seems to be that the Suse machine will not forward packets. It can talk to the router and to the local network but nothing crosses over. /proc/sys/net/ipv4/ip_forward is 1 /snip/
When you say 'All my addresses are public', it prompts me to ask: Does your ISP know that you only have one machine directly connected, and the rest of the public IP address space is to use the firewall address as a gateway? If not, then you have to configure your firewall external port to accept all the assigned IP addresses, and port-forward the intended services to the protected machines. -- Rick Green "They that can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety." -Benjamin Franklin
On Tue, Feb 11, 2003 at 12:20:15PM -0500, Rick Green wrote:
When you say 'All my addresses are public', it prompts me to ask: Does your ISP know that you only have one machine directly connected, and the rest of the public IP address space is to use the firewall address as a gateway?
If not, then you have to configure your firewall external port to accept all the assigned IP addresses, and port-forward the intended services to the protected machines.
or do bridge-walling Lars
participants (4)
-
Ian David Laws -
Lars Ellenberg -
Paul Dorn -
Rick Green