still got problems with the firewall. i installed the latest version. but when booting, i get error messages. so i disabled the firewall. the computer started without any error messages. i logged in and started the firewall by hand - no error messages; all is working as it should. so: how can i configure the 8.1 system to start the firewall after everything else has been initialized? and suse-config not modifying this preferences... dirk
On Fri, Nov 01, 2002 at 09:41:32AM +0100, Dirk Borchers wrote:
but when booting, i get error messages. so i disabled the firewall.
Sorry Dirk, but my Crystal Ball just stopped working: It won't show
me the error messages you are experiencing, so I can't help you at
the moment. Maybe I can when it starts working again.
Ciao
Jörg
--
Joerg Mayer
On Fri, Nov 01, 2002 at 09:41:32AM +0100, Dirk Borchers wrote:
but when booting, i get error messages. so i disabled the firewall.
Sorry Dirk, but my Crystal Ball just stopped working: It won't show me the error messages you are experiencing, so I can't help you at the moment. Maybe I can when it starts working again.
i will help you (mine got halloween broken - i fixed it. but i should have taken another glue - i still can't see inside...) sbin/SuSEfirewall2: line 687: test: 192.168.120.24: integer expression expected and a lot of: iptables v1.2.7a: host/network 'ippp0' not found and yes: i did update the firewall to the latest version ;-)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Freitag, 1. November 2002 11:06, Dirk Borchers wrote:
On Fri, Nov 01, 2002 at 09:41:32AM +0100, Dirk Borchers wrote:
but when booting, i get error messages. so i disabled the firewall.
Sorry Dirk, but my Crystal Ball just stopped working: It won't show me the error messages you are experiencing, so I can't help you at the moment. Maybe I can when it starts working again.
i will help you (mine got halloween broken - i fixed it. but i should have taken another glue - i still can't see inside...)
sbin/SuSEfirewall2: line 687: test: 192.168.120.24: integer expression expected
and a lot of:
iptables v1.2.7a: host/network 'ippp0' not found
and yes: i did update the firewall to the latest version ;-)
I had the same problem, but with
iptables v1.2.7a: host/network 'eth0' not found
Starting up eth0 ginving it an IP adress (which points to my inner network, eth1 being the DSL), it went OK. So you might want (it is not alerady done, obviously) to start up your ISDN first. OK, I realise that being very annoying. Another known workaround is to install the SuSEfirewall from the 8.0. Maybe this might help you. Kind regards, Gerd - -- Gerd-Christian Michalke gmichalk@freegates.be \\_// +32 2 / 376 43 36 (. .) Powered by SuSE Linux 8.1 - ----------------------------------oOOo-oOOo-------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9wmRy9gMW6jYltOsRAub+AJ94EFqpw3bm5rZi/dlTT0Gh0nuMDACfUaVh S+O2hvNQLKiQRnxZHNyGK4c= =4ODg -----END PGP SIGNATURE-----
On Fri, Nov 01, 2002 at 11:06:45AM +0100, Dirk Borchers wrote:
sbin/SuSEfirewall2: line 687: test: 192.168.120.24: integer expression expected
OK, I encountered that one too and it was fixed by the latest update alice:/sbin # rpm -q SuSEfirewall2 SuSEfirewall2-3.1-26 Before that, I did the following workaround: preceding line 687 the script /sbin/SuSEfirewall2 looks as follows: PART1=${DEV_IP%%/*} #`echo $DEV_IP | $AWK -F/ '{print $1}'` PART2=${DEV_IP#*/} #`echo $DEV_IP | $AWK -F/ '{print $2}'` which I changed into PART1=`echo $DEV_IP | $AWK -F/ '{print $1}'` PART2=`echo $DEV_IP | $AWK -F/ '{print $2}'`
iptables v1.2.7a: host/network 'ippp0' not found
Are you sure that the interface ippp0 actually exists at that time?
It didn't on my system. Just put a "isdnctrl list ippp0" at the top of
SuSEfirewall2 and let's see what happens.
Ciao
Jörg
--
Joerg Mayer
sbin/SuSEfirewall2: line 687: test: 192.168.120.24: integer expression expected
Is there something written what is expected at this line (maybe something like "192.168.120.24,tcp"?)? Look what the descriptions in the script that tells you what to put there. Sometimes it is a littlebit "short".
and a lot of:
iptables v1.2.7a: host/network 'ippp0' not found
This is because ippp0 is maybe not up or does not have an ip-address. Hm there must be a setting to tell ippp0 is "static" ip or fake as it is static. It seems that this is missing in SuSEfirewall2 but was present in SuSEfirewall1! Then you will not have problems to start the firewall at boottime. Otherwise you can start SuSEfirewall at the time you login to your Provider. At this time the firewall will "know" the ip of your dialin device.
and yes: i did update the firewall to the latest version ;-)
The best method is to start the dialup at boottime (dsl) and then init the SuSEfirewall at S99 instead of S21 in the /etc/init.d At this time dialin should be done already and ippp0 got an address from the provider. Philippe
sbin/SuSEfirewall2: line 687: test: 192.168.120.24: integer expression expected
Is there something written what is expected at this line (maybe something like "192.168.120.24,tcp"?)? Look what the descriptions in the script that tells you what to put there. Sometimes it is a littlebit "short".
the whole line is: FW_MASQ_NETS="192.168.120.22 192.168.120.24 192.168.120.49 192.168.120.191" This worked in SuSE 7.3...
and a lot of:
iptables v1.2.7a: host/network 'ippp0' not found
This is because ippp0 is maybe not up or does not have an ip-address. Hm there must be a setting to tell ippp0 is "static" ip or fake as it is static. It seems that this is missing in SuSEfirewall2 but was present in SuSEfirewall1! Then you will not have problems to start the firewall at boottime. Otherwise you can start SuSEfirewall at the time you login to your Provider. At this time the firewall will "know" the ip of your dialin device.
and yes: i did update the firewall to the latest version ;-)
The best method is to start the dialup at boottime (dsl) and then init the SuSEfirewall at S99 instead of S21 in the /etc/init.d At this time dialin should be done already and ippp0 got an address from the provider.
I will put it at the end. I hope that a link to the SuSEfirewall2_setup will do and leave the other two firewallscripts untouched. dirk
On 11/01/2002 11:01 PM, Dirk Borchers wrote:
sbin/SuSEfirewall2: line 687: test: 192.168.120.24: integer expression
expected
Is there something written what is expected at this line (maybe something like "192.168.120.24,tcp"?)?
the whole line is: FW_MASQ_NETS="192.168.120.22 192.168.120.24 192.168.120.49 192.168.120.191"
This worked in SuSE 7.3...
IIRC, there should be the subnet mask, i.e. 192.168.120.22/24. It looks like you only gave it the hosts but not the network. HTH. -- Joe & Sesil Morris New Tribes Mission Email Address: Joe_Morris@ntm.org Web Address: http://www.mydestiny.net/~joe_morris Registered Linux user 231871 God said, I AM that I AM. I say, by the grace God, I am what I am.
On Fri, Nov 01, 2002 at 04:01:37PM +0100, Dirk Borchers wrote:
sbin/SuSEfirewall2: line 687: test: 192.168.120.24: integer expression expected
Is there something written what is expected at this line (maybe something like "192.168.120.24,tcp"?)? Look what the descriptions in the script that tells you what to put there. Sometimes it is a littlebit "short".
the whole line is: FW_MASQ_NETS="192.168.120.22 192.168.120.24 192.168.120.49 192.168.120.191"
just guessing about that "integer expression": it probably arises from >> test "$PART2" -lt 16 << if DEV_IP contains no "/", PART2=${DEV_IP#*/} will be just $DEV_IP, and >> 192.168.120.22 -lt 16 << is obviously nonsense to the shell :) try FW_MASQ_NETS="192.168.120.22/32 192.168.120.24/32 192.168.120.49/32 192.168.120.191/32" if that is it, its easy to patch :) --- /sbin/SuSEfirewall2.orig 2002-11-01 16:59:23.000000000 +0100 +++ /sbin/SuSEfirewall2 2002-11-01 17:03:33.000000000 +0100 @@ -682,6 +682,7 @@ PART1=${DEV_IP%%/*} #`echo $DEV_IP | $AWK -F/ '{print $1}'` PART2=${DEV_IP#*/} + test "$PART2" = "$DEV_IP" && PART2=32 # no "/" present ... #`echo $DEV_IP | $AWK -F/ '{print $2}'` test '!' -z "$PART2" && test "$PART2" -lt 16 && { echo "$PART1" | $GREP -Eq '^10\.|^172\.1' || { cheers, Lars
participants (6)
-
Dirk Borchers -
Gerd-Christian Michalke -
Joe & Sesil Morris (NTM) -
Joerg Mayer -
Lars Ellenberg -
Philippe Vogel