Hi, I packaged ocserv in network:vpn and I wanted to submit it to Factory. Dominique suggests me to raise this topic. I wrote the instruction in README.SUSE before: #### Shutdown SUSEFirewall2 through YaST Because I don't know how to convert iptables rules to SUSEFirewall2 ones. If you can help me, please fork this package and submit back. #### Set iptables rules sudo /sbin/iptables -A INPUT -p tcp --dport 9000 -j ACCEPT sudo /sbin/iptables -A INPUT -p udp --dport 9001 -j ACCEPT sudo /sbin/iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE sudo /sbin/iptables -A FORWARD -s 192.168.1.0/24 -j ACCEPT The 9000/9001 ports, IP range 192.168.1.0/24 are default ones, you can change them in /etc/ocserv/ocserv.conf Warning: Your eth0 may not exist, you can ifconfig -a to find yours. #### Enable IP forward sudo echo 1 > /proc/sys/net/ipv4/ip_forward It doesn't live after reboot. ===================================================== How can I achieve the same result without shutting SuSEFirewall2 down? Any documentation I can learn from? Marguerite -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-packaging+owner@opensuse.org