On 10/30/2012 2:14 PM, Togan Muftuoglu wrote:
On 10/30/2012 06:34 PM, Marc Chamberlin wrote:
Begin trying to use your application and send the relevant part of the logs, ie if the service is unreachable then find the log entries which are dropped and send them or use susepaste.org which in that case send the paste id
Togan Thanks for the good suggestions Togan, on how to improve SuSEFirewall2! Much appreciated.
I made the changes you suggested, then restarted the firewall, and tried to ping devices on my external network, from inside my internal network. No joy. I did a tail -f /var/log/firewall and post the output to
http://susepast.org/34186a92 There is nothing related to ping in the logs you put up there
but I don't think much of relevance really got logged. Perhaps you will see something I don't.. I can try an do it a few more time, the output is different each time and I suspect mostly from other systems on my internal network communicating with the internet. Please provide the output of ip a sh ip ro sh See http://susepaste.org/5548ce9d
and logs of the firewall when pinging grep -i icmp /var/log/firewall
Well, absolutely nothing is logged when I try to ping devices in the external 169.254.1.x net from the internal 192.168.2.x network! However, I do see ICMP messages coming IN to my firewall machine from various external addresses on the internet. I suspect you don't want to see those... AND I do see ICMP messages when I ping some external site, such as www.google.com, from within my 192.168.2.x private network! I suspect you don't want to see those either.... AND I do see ICMP messages when I ping a device on my external 169.254.1.x network from the firewall machine itself! Seems very odd that nothing is being logged when I execute a ping from my internal network to some device on my external 169.254.1.x private network! Marc... -- "The Truth is out there" - Spooky -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org