Mailinglist Archive: opensuse-security (192 mails)

< Previous Next >
AW: [suse-security] IPCHAINS again (because first mail was digita l signed)
  • From: "Gerling, Stephan" <gerling@xxxxxx>
  • Date: Thu, 25 May 2000 16:45:39 +0200
  • Message-id: <E32D80BA3276D311BC480080C8E251DF027992@xxxxxxxxxxx>
Hi Carlos ,
your thougth is right.
Here a little bit more Info's .

Internet Private Network
------------| FW |-----------

ip ip range

i have icmp rules included but they dont work
forwarding rule is masquerade all
a ping from the private network to the FW internal NIC causes in an "request
time out"
also an ping from internal to external. from external i didnt testet it yet

I think i beginn with an clean script from scratch.
But i have a thinking problem with the masq. rules

regards Stephan Gerling

-----Urspr√ľngliche Nachricht-----

Von: Carlos Manuel Duclos Vergara [mailto:carlos@xxxxxxxxxxx]
Gesendet: Freitag, 26. Mai 2000 08:40
An: Gerling, Stephan
Betreff: Re: [suse-security] IPCHAINS again (because first mail was
digital signed)

El jue, 25 may 2000, escribiste:
> Hi list,
> I'am trying to set up an firewall with IPCHAINS.
> If the IPCHAINS-Script is not started, i kann do everything. (i use the
> script on an other
> maschine and it works very fine and i want to change the maschines)
> But now wenn i start the script, the rules are loaded, but i cannot ping
> the outside
> here the error messages
> ping wrote 64 chars, ret=-1
> ping sendto :Operating is not permitted
> ip-forwarding is enabled.
> Has anyone an idea. I'm going sick about this
> regards, Stephan Gerling

if you send us your rules, maybe we can see where the problem is.... but, my
first thought is enabling icmp forwarding :-)
does the other services work allright ?

Carlos Manuel Duclos Vergara

< Previous Next >
Follow Ups