Okay I don't think this is how marc would do it but I would put that line at line 729 of /sbin/SuSEfirewall i.e } done # Here is your rule: $IPCHAINS -A forward -s etc etc -d etc .... test "$FW_ROUTE" = yes && for i in $DEV_INT_NET $FW_MASQ_NETS; do for j in $FW_DEV_WORLD; do $IPCHAINS -A input -j "$DENY" -i $j -d $i $LDC done done On Tue, 3 Oct 2000, W.Schlich wrote:
--snip-- ipchains -D forward 2 ipchains -A forward -s 192.168.0.0/23 -d 192.168.0.0/23 -j ACCEPT --snip-- The rule you've used above is quite okay now in order not to always have to put it in manually you can add it to /sbin/SuSEfirewall before
first: thanks for your help. the rule
that tells it to deny everything by default. hmm... I don't _really_ understand /sbin/SuSEfirewall any hints which line to go to? :)
Although from what I see above those two cards seem to be on the same network. err... eth0: 192.168.0.0/24 (192.168.0.0/255.255.255.0) eth1: 192.168.1.0/24 (192.168.1.0/255.255.255.0) -> 192.168.0.0/23 (192.168.0.0/255.255.254.0)
btw: am I the first one who needs forwarding / routing etc. between internal interfaces?!
Mit freundlichen Gr�ssen
| Wolfram Schlich ------------------------------------------------------------------ | E-Mail: wolfram@schlich.org * ICQ #: 35713642 | Postal: Berghof * 56626 Andernach * Germany | Tel.: +49-(0)2636-941194
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com