Mailinglist Archive: opensuse-security (343 mails)

< Previous Next >
RE: [suse-security] Suse firewall script question
  • From: "Andreas Marbet" <andreas.marbet@xxxxxxxxxxx>
  • Date: Mon, 16 Jul 2001 12:37:39 +0200
  • Message-id: <AE56130C0A27B742B27A3DF5780E0B530209D2@xxxxxxxxxxxxxxxxxxxxxxx>
If you use private addresses for your internal lan, then I think you
have to
masquerade these addresses. In your case, ping reaches the outside, but
reply never arrives because it is not routable.


----- Original Message -----
From: "maillist" <maillist@xxxxxxxxxx>

It is right that fw_allow_ping_fw=yes means that the firewall is
pingable from the internet.
But if the 3 options set to yes the ping should go through the
firewall(dokumentation of the firewall script)
What do you mean with masq the ping? How can I masq an icmp echo???

-----Ursprüngliche Nachricht-----
Von: Stefan_Walther@xxxxxxxxxxxx [mailto:Stefan_Walther@xxxxxxxxxxxx]
Gesendet: Montag, 16. Juli 2001 11:20
An: maillist
Cc: suse-security@xxxxxxxx
Betreff: Re: [suse-security] Suse firewall script question


I think fw_allow_ping_fw means, that you can ping the firewall. The same
think is only meant for the firewall. I think you have to masq your
if you want to ping through your firewall to the internet.



I´m trying to set up a linux firewall box with 3 network devices. The
first points to the internet gateway, the second to the DMZ(192.168.1.x)
and the third to the internal network(192.168.2.x). I´m using Suse 7.0
and have installed the firewall script and squid proxy server. The squid
runs fine html,ftp works. In the firewall script I have disabled routing
and masquerading. Now I want to ping the internet from my internal
network. But no request gets an answer.

< Previous Next >