On Mon, 12 Jun 2006 12:44:58 -0400, Matt Standish wrote
I would like to customize the SuSE filewall a little further on SuSE 10.1. (ie, restrict SSH access by subnet). I know how to do this with IPTables but is there a way to do it directly with the SuSE firewall?
Is there a file I can edit to add commands like: -A INPUT -i eth0 -s 192.168.1.0/19 -p tcp -m tcp --dport 22 -j ACCEPT
(I changed the IP on that one, I really want to edit IP's live on the net)
--
Best way I can think of is edit the /etc/sysconfig/SuSEFirewall remove the "ssh" from "FW_SERVICES_EXT_TCP=" add to or edit so that it has FW_TRUSTED_NETS= "192.168.1.0/19,tcp,22" -- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com