On 20/10/06 12:20, Greg Wallace wrote:
> I have never used SuSE Firewall because I have a router with a built-in firewall, but recently I lost my router and it took a few days to get a new one. Meanwhile, my machine was exposed. So, I decided it would be a good idea to go ahead and enable the firewall, even though I shouldn't really need it currently since I now have a new router.
Security should be a layered defence. A firewall on each internal network system simply adds protection to what you get from a firewall on the gateway. You only enable those services you actually need, and configure them with security in mind. Don't rely on a single point of failure to protect you.
> Well, I am having problems with the firewall. I have an Oracle database on the machine which I access from another machine via Oracle's built-in Apache server configuration (it comes with a complete Apache server configuration). Anyway, I am unable to connect to the machine with the newly enabled firewall via that http server (the browser says the site is unreachable, or something like that). I set "Allow All Services" for all zones and STILL I can't connect. Can someone tell me what I am missing here?
Can't tell you a thing right now :-) What version of SuSE are you running? There seem to be minor differences in the SuSEfirewall between versions. Please post the results of:

    iptables-save
    cat /etc/sysconfig/SuSEfirewall2