Mailinglist Archive: opensuse-factory (437 mails)

< Previous Next >
Re: [opensuse-factory] Switching SuSEFirewall for iptables
  • From: Per Jessen <per@xxxxxxxxxxxx>
  • Date: Tue, 28 Apr 2015 17:33:06 +0200
  • Message-id: <mhoadg$lrn$1@saturn.local.net>
Uzair Shamim wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/28/2015 04:59 AM, Marcus Meissner wrote:
On Tue, Apr 28, 2015 at 10:43:07AM +0200, Per Jessen wrote:
Uzair Shamim wrote:

I am trying to setup a machine with some docker containers but
the default suse firewall is interfering. Normally I would
just add the required rules to iptables for NAT and forwarding
but it seems suse firewall does not recognize the interface
connected to docker so I cannot add rules to allow traffic
to/from it. Is there a way to disable the SuSEFirewall and
just use plain old iptables?

Yep, that's exactly what you do - disable (or even uninstall) the
openSUSE firewall, then add your own iptables script.

What interface is detected? SuSEfirewall would probably put it in
the external zone by default.

Ciao, Marcus


@Per Jessen
So its fine if I just disable the SuSEFirewall and then build iptables
as desired? Obviously I will have to add all the rules I need but this
wont cause any known issues? Sounds like a plan.

That's what I do - I've had my own iptables (ipchains) firewall setup
from way before SuSEFirewall, I've never had any reason to change.
To my knowledge, SuSEFirewall is "just" a framework for managing an
iptables firewall - I just use vi :-)


--
Per Jessen, Zürich (9.6°C)
http://www.hostsuisse.com/ - dedicated server rental in Switzerland.

--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >