On Wednesday 30 January 2002 23:21, Steffen Dettmer wrote:
I cannot imagine that SuSEfirewall2 states that eth0:0 is a device (otherwise it was a good idea not to use it :) SCNR). But maybe it's just some shorthand for something. Who knows.
I'm guessing that it should work either way.
Now you are not constructive. And this is not a statement you are "allowed" to make as question maker. I spent my free time to try to help you, and you come with such things, this is not nice.
I are correct as well. I should accept the non-constructive with the constructive. I guess that makes us even.
What does this mean? You made a small script that sets up some
I didn't make it. It's taken verbatim from http://www.linuxdoc.org/HOWTO/IP-Masquerade-HOWTO/firewall-examples.html I don't trust it as much as I would trust SuSEfirewall's script, after all SuSE (hopefully) spent a lot of time on it, working out all the different contingencies.
firewall rules? Why isn't this integrating nicely?
I put a symlink to it in /etc/init.d/boot.d/ so it starts on bootup, instead of controlling it from /etc/rc.config (preferable) like SuSEfirewall{1,2}
like "--source $home --dest ! $home --dev device"? In this case, the device usually shouldn't matter at all. I don't think it's very logic to do address translation "on" a interface. Well, at
As I have only marginal experience with firewalls, I cannot explain to you why the configuration file is the way it is either.
least you can now compare your rules with the rules generated by SuSEfirewall and adapt Sfw2 to your needs.
Perhaps. I guess I will keep hacking at it until it works (or SuSE releases another version (whichever comes first)). -- Sebastian J. Bronner waschtl@sbronner.com