Mailinglist Archive: opensuse-security (601 mails)

< Previous Next >
RE: [suse-security] SuSE Firewall & FreeS/WAN
  • From: "Magus Ba'al" <magusbaal@xxxxxxxxxxxxxx>
  • Date: Mon, 7 Aug 2000 05:18:53 -0700
  • Message-id: <NEBBJBFNBDJGHPBLIBKMKEOKCCAA.magusbaal@xxxxxxxxxxxxxx>
I'm running into the same problem here as well. The two systems are SuSE 6.4
and a Slackware 7.1 box. If I have ipfwadm installed, it adds entries into
my ipchains rules, but everything leaving on IPSEC0 gets dropped. I'm not
sure if the problem is caused by it calling ipfwadm instead of ipchains, if
I screwed up a config file somewhere, or trying to modify the _updown
script.

Here's some good resources that I've found so far for getting it to use
ipchains:

http://jixen.tripod.com/

http://www.freeswan.org/freeswan_trees/freeswan-1.5/doc/firewall.html
If you scroll down about 1/8th of the page, or search for "ipchains firewall
configuration", that has a ipchains script, but I've yet to get it working.

Will be doing some more testing/configuring/damning tomorrow and post
something back if I can get the damn thing working.

If anyone has any pointers/tips/suggestions on how to get it working
properly with ipchains, I would be in your debt, as this has been a pain in
my ass for over a week now.

Steven Beverly
Senior Network Nazi

"Help me Obi Wan Root, you're my only hope!" -Me



-----Original Message-----
From: ag@xxxxxxxxxxxxxxx [mailto:ag@xxxxxxxxxxxxxxx]On Behalf Of Andreas
Gruenbacher
Sent: Monday, August 07, 2000 4:32 AM
To: marc@xxxxxxx
Cc: suse-security@xxxxxxxx
Subject: [suse-security] SuSE Firewall & FreeS/WAN


Dear Marc,

I'm trying to set up a secure Internet gateway using SuSE Firewall and
the FreeS/WAN package. For masquerading firewalls, FreeS/WAN tries to
use ipfwadm, which doesn't exist on that system anymore. ipfwadm-wrapper
also complains:

You cannot mix the `ipfwadm' wrapper with ipchains.
You must delete all user chains and flush all built-in chains
if you want to use the `ipfwadm' wrapper.

Are there any patches for FreeSWAN (perhaps a new _updown script) that
work with SuSE firewall? Otherwise, what can I do to get FreeS/WAN
running on my gateway?


Thanks,
Andreas.

------------------------------------------------------------------------
Andreas Gruenbacher, a.gruenbacher@xxxxxxxxxxxx
Contact information: http://www.bestbits.at/~ag/

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
For additional commands, e-mail: suse-security-help@xxxxxxxx


< Previous Next >
References