If you use private addresses for your internal lan, then I think you
have to
masquerade these addresses. In your case, ping reaches the outside, but
the
reply never arrives because it is not routable.
Andreas
----- Original Message -----
From: "maillist"
It is right that fw_allow_ping_fw=yes means that the firewall is
pingable from the internet.
But if the 3 options set to yes the ping should go through the
firewall(dokumentation of the firewall script)
What do you mean with masq the ping? How can I masq an icmp echo???
-----Ursprüngliche Nachricht-----
Von: Stefan_Walther@gehag-dsk.de [mailto:Stefan_Walther@gehag-dsk.de]
Gesendet: Montag, 16. Juli 2001 11:20
An: maillist
Cc: suse-security@suse.com
Betreff: Re: [suse-security] Suse firewall script question
Hi,
I think fw_allow_ping_fw means, that you can ping the firewall. The same
I
think is only meant for the firewall. I think you have to masq your
pings,
if you want to ping through your firewall to the internet.
---
Hello
I´m trying to set up a linux firewall box with 3 network devices. The
first points to the internet gateway, the second to the DMZ(192.168.1.x)
and the third to the internal network(192.168.2.x). I´m using Suse 7.0
and have installed the firewall script and squid proxy server. The squid
runs fine html,ftp works. In the firewall script I have disabled routing
and masquerading. Now I want to ping the internet from my internal
network. But no request gets an answer.