New subject: [SLE] My LAN user can not surfing in internet before I restart my SuSEfirewall2

28 Feb 2003

      Dear my friends....

I am using SuSE Linux 8.1 for our internet gateway. I
installed Squid, SuSEfirewall2 and ip-masquerading on
the Linux-Box.

It runs properly after a couple of hours in one day
but than my LAN user can not surfing in internet
anymore. If the problem comes, my LAN user still can
use e-mail through IP-Masquerading but not http.

If the problem comes than I have to restart the
SuSEfirewall2 with:
"
SuSEfirewall2 stop
SuSEfirewall2 start
"
After restarting the SuSEfirewall2 than my LAN user
can surfing in internet back (again).

If I restart my SuSEfirewall I got this error message:
"
proxy:~ # SuSEfirewall2 stop
Removing filter rules ...
SuSEfirewall2: clearing rules now ... done
proxy:~ # SuSEfirewall2 start
Warning: FW_SERVICE_DNS defined, but no DNS server
found running!
proxy:~ #
"

Here is my "/var/log/messages":
"
patrixlinux@patrix:~/arsip> tail -n 60 ./fromproxy
Feb 27 13:14:17 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.196 DST=145.254.88.223 LEN=117 TOS=0x00
PREC=0x00 TTL=247 ID=38389 DF PROT
O=UDP SPT=53 DPT=1096 LEN=97
Feb 27 13:14:17 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.139 DST=145.254.88.223 LEN=301 TOS=0x00
PREC=0x00 TTL=246 ID=35450 DF PROT
O=UDP SPT=53 DPT=1096 LEN=281
Feb 27 13:14:23 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.196 DST=145.254.88.223 LEN=117 TOS=0x00
PREC=0x00 TTL=247 ID=38390 DF PROT
O=UDP SPT=53 DPT=1096 LEN=97
Feb 27 13:14:23 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.139 DST=145.254.88.223 LEN=301 TOS=0x00
PREC=0x00 TTL=246 ID=35451 DF PROT
O=UDP SPT=53 DPT=1096 LEN=281
Feb 27 13:14:24 proxy squid[8941]: idnsCheckQueue: ID
5c4: giving up after 35 tr
ies and 310.0 seconds
Feb 27 13:14:24 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.196 DST=145.254.88.223 LEN=96 TOS=0x00 PREC=0x00
TTL=247 ID=38391 DF PROTO
=UDP SPT=53 DPT=1096 LEN=76
Feb 27 13:14:24 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.139 DST=145.254.88.223 LEN=117 TOS=0x00
PREC=0x00 TTL=246 ID=35452 DF PROT
O=UDP SPT=53 DPT=1096 LEN=97
Feb 27 13:14:28 proxy squid[8941]: idnsCheckQueue: ID
5c5: giving up after 34 tr
ies and 302.7 seconds
Feb 27 13:14:28 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.196 DST=145.254.88.223 LEN=301 TOS=0x00
PREC=0x00 TTL=247 ID=38392 DF PROT
O=UDP SPT=53 DPT=1096 LEN=281
Feb 27 13:14:33 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=eth0 OUT= MAC=ff:ff:ff:f
f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238
DST=192.168.23.0 LEN=173 TOS=
0x00 PREC=0x00 TTL=64 ID=61439 DF PROTO=UDP SPT=631
DPT=631 LEN=153
Feb 27 13:14:33 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=eth0 OUT= MAC=ff:ff:ff:f
f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238
DST=192.168.23.0 LEN=173 TOS=
0x00 PREC=0x00 TTL=64 ID=61440 DF PROTO=UDP SPT=631
DPT=631 LEN=153
Feb 27 13:14:33 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=eth0 OUT= MAC=ff:ff:ff:f
f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238
DST=192.168.23.0 LEN=171 TOS=
0x00 PREC=0x00 TTL=64 ID=61441 DF PROTO=UDP SPT=631
DPT=631 LEN=151
Feb 27 13:14:33 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=eth0 OUT= MAC=ff:ff:ff:f
f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238
DST=192.168.23.0 LEN=174 TOS=
0x00 PREC=0x00 TTL=64 ID=61442 DF PROTO=UDP SPT=631
DPT=631 LEN=154
Feb 27 13:14:33 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.196 DST=145.254.88.223 LEN=301 TOS=0x00
PREC=0x00 TTL=247 ID=38393 DF PROT
O=UDP SPT=53 DPT=1096 LEN=281
Feb 27 13:14:33 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.139 DST=145.254.88.223 LEN=96 TOS=0x00 PREC=0x00
TTL=246 ID=35453 DF PROTO
=UDP SPT=53 DPT=1096 LEN=76
Feb 27 13:14:35 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.196 DST=145.254.88.223 LEN=117 TOS=0x00
PREC=0x00 TTL=247 ID=38394 DF PROT
O=UDP SPT=53 DPT=1096 LEN=97
Feb 27 13:14:35 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.139 DST=145.254.88.223 LEN=301 TOS=0x00
PREC=0x00 TTL=246 ID=35454 DF PROT
O=UDP SPT=53 DPT=1096 LEN=281
Feb 27 13:14:40 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.139 DST=145.254.88.223 LEN=301 TOS=0x00
PREC=0x00 TTL=246 ID=35455 DF PROT
O=UDP SPT=53 DPT=1096 LEN=281
Feb 27 13:14:44 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.196 DST=145.254.88.223 LEN=96 TOS=0x00 PREC=0x00
TTL=247 ID=38395 DF PROTO
=UDP SPT=53 DPT=1096 LEN=76
Feb 27 13:14:44 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.139 DST=145.254.88.223 LEN=117 TOS=0x00
PREC=0x00 TTL=246 ID=35456 DF PROT
O=UDP SPT=53 DPT=1096 LEN=97
Feb 27 13:14:46 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.196 DST=145.254.88.223 LEN=301 TOS=0x00
PREC=0x00 TTL=247 ID=38396 DF PROT
O=UDP SPT=53 DPT=1096 LEN=281
Feb 27 13:14:47 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=eth0 OUT= MAC=ff:ff:ff:f
f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238
DST=192.168.23.0 LEN=174 TOS=
0x00 PREC=0x00 TTL=64 ID=61555 DF PROTO=UDP SPT=631
DPT=631 LEN=154
Feb 27 13:14:51 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.196 DST=145.254.88.223 LEN=301 TOS=0x00
PREC=0x00 TTL=247 ID=38397 DF PROT
O=UDP SPT=53 DPT=1096 LEN=281
Feb 27 13:14:51 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.139 DST=145.254.88.223 LEN=96 TOS=0x00 PREC=0x00
TTL=246 ID=35457 DF PROTO
=UDP SPT=53 DPT=1096 LEN=76
Feb 27 13:14:54 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.196 DST=145.254.88.223 LEN=117 TOS=0x00
PREC=0x00 TTL=247 ID=38398 DF PROT
O=UDP SPT=53 DPT=1096 LEN=97
Feb 27 13:14:54 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.139 DST=145.254.88.223 LEN=301 TOS=0x00
PREC=0x00 TTL=246 ID=35458 DF PROT
O=UDP SPT=53 DPT=1096 LEN=281
Feb 27 13:14:56 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.139 DST=145.254.88.223 LEN=301 TOS=0x00
PREC=0x00 TTL=246 ID=35459 DF PROT
O=UDP SPT=53 DPT=1096 LEN=281
Feb 27 13:15:01 proxy squid[8941]: idnsCheckQueue: ID
5c6: giving up after 33 tr
ies and 301.9 seconds
Feb 27 13:15:01 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.139 DST=145.254.88.223 LEN=117 TOS=0x00
PREC=0x00 TTL=246 ID=35460 DF PROT
O=UDP SPT=53 DPT=1096 LEN=97
Feb 27 13:15:04 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=eth0 OUT= MAC=ff:ff:ff:f
f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238
DST=192.168.23.0 LEN=173 TOS=
0x00 PREC=0x00 TTL=64 ID=61623 DF PROTO=UDP SPT=631
DPT=631 LEN=153
Feb 27 13:15:04 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=eth0 OUT= MAC=ff:ff:ff:f
f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238
DST=192.168.23.0 LEN=173 TOS=
0x00 PREC=0x00 TTL=64 ID=61624 DF PROTO=UDP SPT=631
DPT=631 LEN=153
Feb 27 13:15:04 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=eth0 OUT= MAC=ff:ff:ff:f
f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238
DST=192.168.23.0 LEN=171 TOS=
0x00 PREC=0x00 TTL=64 ID=61625 DF PROTO=UDP SPT=631
DPT=631 LEN=151
Feb 27 13:15:04 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=eth0 OUT= MAC=ff:ff:ff:f
f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238
DST=192.168.23.0 LEN=174 TOS=
0x00 PREC=0x00 TTL=64 ID=61626 DF PROTO=UDP SPT=631
DPT=631 LEN=154
Feb 27 13:15:05 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=217.
225.240.146 DST=145.254.88.223 LEN=60 TOS=0x00
PREC=0x00 TTL=54 ID=13525 DF PROT
O=TCP SPT=2539 DPT=4662 WINDOW=15972 RES=0x00 SYN
URGP=0 OPT (020405840402080A00
5A2CC70000000001030300)
Feb 27 13:15:05 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.196 DST=145.254.88.223 LEN=301 TOS=0x00
PREC=0x00 TTL=247 ID=38399 DF PROT
O=UDP SPT=53 DPT=1096 LEN=281
Feb 27 13:15:07 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.196 DST=145.254.88.223 LEN=301 TOS=0x00
PREC=0x00 TTL=247 ID=38400 DF PROT
O=UDP SPT=53 DPT=1096 LEN=281
Feb 27 13:15:08 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=217.
225.240.146 DST=145.254.88.223 LEN=60 TOS=0x00
PREC=0x00 TTL=54 ID=13724 DF PROT
O=TCP SPT=2539 DPT=4662 WINDOW=15972 RES=0x00 SYN
URGP=0 OPT (020405840402080A00
5A2DF30000000001030300)
Feb 27 13:15:11 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.196 DST=145.254.88.223 LEN=117 TOS=0x00
PREC=0x00 TTL=247 ID=38401 DF PROT
O=UDP SPT=53 DPT=1096 LEN=97
Feb 27 13:15:11 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.139 DST=145.254.88.223 LEN=301 TOS=0x00
PREC=0x00 TTL=246 ID=35461 DF PROT
O=UDP SPT=53 DPT=1096 LEN=281
Feb 27 13:15:11 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.139 DST=145.254.88.223 LEN=301 TOS=0x00
PREC=0x00 TTL=246 ID=35462 DF PROT
O=UDP SPT=53 DPT=1096 LEN=281
Feb 27 13:15:14 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=217.
225.240.146 DST=145.254.88.223 LEN=60 TOS=0x00
PREC=0x00 TTL=54 ID=14050 DF PROT
O=TCP SPT=2539 DPT=4662 WINDOW=15972 RES=0x00 SYN
URGP=0 OPT (020405840402080A00
5A304B0000000001030300)
Feb 27 13:15:17 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.139 DST=145.254.88.223 LEN=117 TOS=0x00
PREC=0x00 TTL=246 ID=35463 DF PROT
O=UDP SPT=53 DPT=1096 LEN=97
Feb 27 13:15:18 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=eth0 OUT= MAC=ff:ff:ff:f
f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238
DST=192.168.23.0 LEN=174 TOS=
0x00 PREC=0x00 TTL=64 ID=61697 DF PROTO=UDP SPT=631
DPT=631 LEN=154
Feb 27 13:15:21 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.196 DST=145.254.88.223 LEN=301 TOS=0x00
PREC=0x00 TTL=247 ID=38402 DF PROT
O=UDP SPT=53 DPT=1096 LEN=281
Feb 27 13:15:21 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.196 DST=145.254.88.223 LEN=301 TOS=0x00
PREC=0x00 TTL=247 ID=38403 DF PROT
O=UDP SPT=53 DPT=1096 LEN=281
Feb 27 13:15:26 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=217.
225.240.146 DST=145.254.88.223 LEN=60 TOS=0x00
PREC=0x00 TTL=54 ID=14661 DF PROT
O=TCP SPT=2539 DPT=4662 WINDOW=15972 RES=0x00 SYN
URGP=0 OPT (020405840402080A00
5A34FB0000000001030300)
Feb 27 13:15:28 proxy squid[8941]: idnsCheckQueue: ID
5c7: giving up after 34 tr
ies and 303.1 seconds
Feb 27 13:15:28 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.196 DST=145.254.88.223 LEN=117 TOS=0x00
PREC=0x00 TTL=247 ID=38404 DF PROT
O=UDP SPT=53 DPT=1096 LEN=97
Feb 27 13:15:28 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.139 DST=145.254.88.223 LEN=301 TOS=0x00
PREC=0x00 TTL=246 ID=35464 DF PROT
O=UDP SPT=53 DPT=1096 LEN=281
Feb 27 13:15:31 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=195.
202.35.106 DST=145.254.88.223 LEN=48 TOS=0x00
PREC=0x00 TTL=113 ID=4772 DF PROTO
=TCP SPT=2896 DPT=4662 WINDOW=16384 RES=0x00 SYN
URGP=0 OPT (0204058601010402)
Feb 27 13:15:34 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.
253.2.139 DST=145.254.88.223 LEN=117 TOS=0x00
PREC=0x00 TTL=246 ID=35465 DF PROT
O=UDP SPT=53 DPT=1096 LEN=97
Feb 27 13:15:34 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=195.
202.35.106 DST=145.254.88.223 LEN=48 TOS=0x00
PREC=0x00 TTL=113 ID=4891 DF PROTO
=TCP SPT=2896 DPT=4662 WINDOW=16384 RES=0x00 SYN
URGP=0 OPT (0204058601010402)
Feb 27 13:15:35 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=eth0 OUT= MAC=ff:ff:ff:f
f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238
DST=192.168.23.0 LEN=173 TOS=                         
                                    0x00 PREC=0x00
TTL=64 ID=61792 DF PROTO=UDP SPT=631 DPT=631 LEN=153
Feb 27 13:15:35 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=eth0 OUT= MAC=ff:ff:ff:f                           

f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238
DST=192.168.23.0 LEN=173 TOS=                         
                                    0x00 PREC=0x00
TTL=64 ID=61793 DF PROTO=UDP SPT=631 DPT=631 LEN=153
Feb 27 13:15:35 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=eth0 OUT= MAC=ff:ff:ff:f                           

f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238
DST=192.168.23.0 LEN=171 TOS=                         
                                    0x00 PREC=0x00
TTL=64 ID=61794 DF PROTO=UDP SPT=631 DPT=631 LEN=151
Feb 27 13:15:35 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=eth0 OUT= MAC=ff:ff:ff:f                           

f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238
DST=192.168.23.0 LEN=174 TOS=                         
                                    0x00 PREC=0x00
TTL=64 ID=61795 DF PROTO=UDP SPT=631 DPT=631 LEN=154
Feb 27 13:15:39 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.                           
                                  253.2.196
DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=247
ID=38405 DF PROT                                      
                       O=UDP SPT=53 DPT=1096 LEN=281
Feb 27 13:15:40 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=195.                           
                                  202.35.106
DST=145.254.88.223 LEN=48 TOS=0x00 PREC=0x00 TTL=113
ID=5137 DF PROTO                                      
                       =TCP SPT=2896 DPT=4662
WINDOW=16384 RES=0x00 SYN URGP=0 OPT
(0204058601010402)
Feb 27 13:15:45 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.                           
                                  253.2.196
DST=145.254.88.223 LEN=117 TOS=0x00 PREC=0x00 TTL=247
ID=38406 DF PROT                                      
                       O=UDP SPT=53 DPT=1096 LEN=97
Feb 27 13:15:45 proxy kernel: SuSE-FW-ILLEGAL-TARGET
IN=ippp0 OUT= MAC= SRC=145.                           
                                  253.2.139
DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=246
ID=35466 DF PROT                                      
                       O=UDP SPT=53 DPT=1096 LEN=281
patrixlinux@patrix:~/arsip>
"
Please help me to solve this problem.

I still can not understand. Should I allow
"145.254.88.223"? How?

Thank you very much in advance.

__________________________________________________
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, more
http://taxes.yahoo.com/

My LAN user can not surfing in internet before I restart my SuSEfirewall2

Prabu Subroto

Linux World 999

Prabu Subroto

Joe Morris (NTM)

Jerry A!

tags

participants (4)