Hi
It is right that fw_allow_ping_fw=yes means that the firewall is
pingable from the internet.
But if the 3 options set to yes the ping should go through the
firewall(dokumentation of the firewall script)
What do you mean with masq the ping? How can I masq an icmp echo???
Regards
Björn Berger
-----Ursprüngliche Nachricht-----
Von: Stefan_Walther@gehag-dsk.de [mailto:Stefan_Walther@gehag-dsk.de]
Gesendet: Montag, 16. Juli 2001 11:20
An: maillist
Cc: suse-security@suse.com
Betreff: Re: [suse-security] Suse firewall script question
Hi,
I think fw_allow_ping_fw means, that you can ping the firewall. The same
I
think is only meant for the firewall. I think you have to masq your
pings,
if you want to ping through your firewall to the internet.
MfG.
Stefan Walther
stefan_walther@gehag-dsk.de
dienst.: +4930/89786448
Funk: +49172/3943961
"maillist"
enit.de> Kopie:
Thema: [suse-security] Suse
firewall script question
16.07.2001
11:24
Hello
I´m trying to set up a linux firewall box with 3 network devices. The
first points to the internet gateway, the second to the DMZ(192.168.1.x)
and the third to the internal network(192.168.2.x). I´m using Suse 7.0
and have installed the firewall script and squid proxy server. The squid
runs fine html,ftp works. In the firewall script I have disabled routing
and masquerading. Now I want to ping the internet from my internal
network. But no request gets an answer.
I have set the following options to yes
fw_allow_ping_fw = yes
fw_allow_incoming_highports_udp=yes
fw_allow_fw_traceroute=yes
Referencing to the technical dokumentation these 3 options set to yes
allows the icmp ping to pass the firewall. But it didn´t work :-(
Has anyone an idea?
Thx for any help
Regards
Björn Berger
--
To unsubscribe, e-mail: suse-security-unsubscribe@suse.com
For additional commands, e-mail: suse-security-help@suse.com