Mailinglist Archive: opensuse-bugs (4243 mails)

< Previous Next >
[Bug 1017936] No DMZ routing with Yast2 configured FW & Wicked
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Wed, 04 Jan 2017 17:00:07 +0000
  • Message-id: <bug-1017936-21960-jCnVZL7uBB@http.bugzilla.opensuse.org/>
http://bugzilla.opensuse.org/show_bug.cgi?id=1017936
http://bugzilla.opensuse.org/show_bug.cgi?id=1017936#c7

--- Comment #7 from Lee Lammert <lvl@xxxxxxxxxxx> ---
(In reply to Michal Filka from comment #3)
(In reply to Lee Lammert from comment #0)

# grep ^FW_ /etc/sysconfig/network/SuSEfirewall2
FW_DEV_EXT="eth0"
FW_DEV_INT="p132p1"
FW_DEV_DMZ="p128p1"
FW_ROUTE="yes"

According this it seems that yast did his job as expected. Please add

cat /etc/sysctl.conf

$ cat /etc/sysctl.conf
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.all.forwarding = 0


iptables -L

See attached

rcSuSEfirewall2 status
$ rcSuSEfirewall2 status
● SuSEfirewall2.service - SuSEfirewall2 phase 2
Loaded: loaded (/usr/lib/systemd/system/SuSEfirewall2.service; enabled;
vendor preset: disabled)
Active: active (exited) since Tue 2017-01-03 04:27:11 CST; 24h ago
Process: 8489 ExecStop=/usr/sbin/SuSEfirewall2 systemd_stop (code=exited,
status=0/SUCCESS)
Process: 8524 ExecStart=/usr/sbin/SuSEfirewall2 boot_setup (code=exited,
status=0/SUCCESS)
Main PID: 8524 (code=exited, status=0/SUCCESS)
Tasks: 0 (limit: 512)
CGroup: /system.slice/SuSEfirewall2.service



for completness.

Yast do not set firewall rules itself. It is job of SuSEfirewall which
configures the box according sysconfig setup. Or do you run firewalld?

I configured the firewall both times (first working, then nonworking) using the
Firewall module of Yast2.

--
You are receiving this mail because:
You are on the CC list for the bug.
< Previous Next >
References