On 01/19/2011 05:20 PM, James Knott wrote:
Togan Muftuoglu wrote:
FW_LOG_ACCEPT_ALL="yes" FW_LOG_DROP_ALL="yes" FW_LOG_LIMIT="no"
After deciding your approach run the nmap test ( I assume you are running it from outside the firewall) and check the logs. It should give more clue. Once your test is done change the above back to original as they do cause lots of logging.
That results in a huge file. What am I looking for in it?
I told you :) any log that is letting in ports in ipv6 that you don't want them in so based on your first message showing the results of your scan, I am guessing you only want 22 and 993. everything else that is accepted is the problem area HTH Togan -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org