Mailinglist Archive: opensuse-security (343 mails)

< Previous Next >
Re: [suse-security] Suse firewall script question
  • From: Stefan_Walther@xxxxxxxxxxxx
  • Date: Mon, 16 Jul 2001 13:13:01 +0200
  • Message-id: <OFABECA29E.5D6FE75E-ONC1256A8B.0035AF8F@xxxxxxxxxxxx>


two things you have to check:

1st: what is your kernelversion. In kernel 2.2.x you have to check in
network options the point ICMP-Masquerading.
2nd: you have to enable IP-FORWARDING in /proc/sys/net/ipv4/ip_forward. If
there is a 1 in ip_forward your ping goes from the internal interface to
the external interface with the IP of your internal interface of your local
computer. the internet cannot do anything with this IP, because these
private IP's aren't routeable.


Stefan Walther
dienst.: +4930/89786448
Funk: +49172/3943961

<maillist@inv An: <suse-security@xxxxxxxx>> Kopie:
Thema: AW: [suse-security] Suse firewall script question

It is right that fw_allow_ping_fw=yes means that the firewall is
pingable from the internet.
But if the 3 options set to yes the ping should go through the
firewall(dokumentation of the firewall script)
What do you mean with masq the ping? How can I masq an icmp echo???
Björn Berger

< Previous Next >