[SLE] How to block POP using SUSE Firewall
Hi, this is my first time using SUSE Firewall (SF) on 10.1 version. since i got many error using webmin with iptables and shorewall module then i decide to use SUSE Firewall trought Yast. SF work fine, all client can access to internet since i enable MASQUERADING. But now i need to know how to: - block POP service - block certain IP Below is my current config: In the External Zone: Service to allow = IPsec In the Internal Zone: Service to allow = DNS, HTTP, Remote Admin and Samba Server Protect firewall from Internal Zone is = Checked But why my client can access POP Service? __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
SF work fine, all client can access to internet since i enable MASQUERADING. But now i need to know how to: - block POP service - block certain IP
But why my client can access POP Service?
I think you could use susefirewall2-customer scripts, that's what i did to block Yahoo Messenger. 1. open /etc/sysconfic/scripts/susefirewall-custom 2. add, after fw_custom_after_antispoofing() part, iptables -A $chains -j DROP -p tcp --dport 110 3. rcSuSEfirewall restart Hope that'll help.. -- Arie Reynaldi Zanahar reymanx at gmail.com http://www.reynaldi.or.id
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Wednesday 2006-07-12 at 23:33 -0700, The Nice Spider wrote:
But why my client can access POP Service?
Because clients can access any external port they want. That kind of blocking is not implemented by susefirewall. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFEti7ttTMYHG2NR9URAnA7AKCFfQdMgeTCRDf5ZRG/AuCaOCRZ7gCfZ+HA VNflnpcJRr77Z7TXzsqT1GY= =J0GM -----END PGP SIGNATURE----- -- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
I have successfully installed SUSE and it seems to be working well. During install it did recognise my integral wireless interface and allowed me to configure it via YaST. I then get messages that the interface cannot be accessed. My computer has a button that allows the interface to be turned on or off. It comes up in the off state, but pressing the button will not activate it (indicator light will not come on). Anyone have any thoughts about this. Computer is an HP dv8000 and I am running SUSE 10.1. Thanks! Doug -- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Thursday 2006-07-13 at 07:42 -0400, Douglas Dotson wrote:
I have successfully installed SUSE and it seems to be working well.
Please, do not hijack threads. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFEtjbitTMYHG2NR9URAi3TAJ9bDZ5cjIX+Z6fjdYGkUjtJUArPIACghr0f ZAXPhefuyK6v7tw4mxQnQps= =EIMQ -----END PGP SIGNATURE----- -- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
participants (4)
-
Arie Reynaldi Z -
Carlos E. R. -
Douglas Dotson -
The Nice Spider