Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Re: [suse-security] SuSEFirewall2, smtp, nntp, telnet - STOP
  • From: "R. Ullenboom" <rene@xxxxxxxxxxxx>
  • Date: Sun, 27 Jan 2002 12:46:51 +0100
  • Message-id: <016101c1a729$a5e65d00$c700a8c0@xxxxxx>
Hi,

found my mistake. Cause i've no local DNS, I had to fill-in the Provider-DNS
into each Client-Configuration.
Now it's going to be a sunny Sunday .-),

Bye,
Rene


----- Original Message -----
From: "R. Ullenboom" <rene@xxxxxxxxxxxx>
To: <suse-security@xxxxxxxx>
Sent: Sunday, January 27, 2002 10:22 AM
Subject: [suse-security] SuSEFirewall2, smtp, nntp, telnet


> Hi,
> got probs with configuring SuSEFirewall2 (SF2). Transparent proxiing
(Squid)
> with Web-Browser works. Also Masquerading (ping_to_Internet) From some
> aacounts i can get eMail with my eMail-Client (Outlook) over Masq. But I
> can't send them. Even telnet through the Firewall for testing mail-traffic
> does not work. And at least I tried to get nntp over Squid-SSL and it does
> not work. Whats wrong with my configuration:
>
> Thanx 4 help and
>
> Here it is:
>
> FW_DEV_EXT="ppp0"
> FW_DEV_INT="eth0"
> FW_DEV_DMZ=""
> FW_ROUTE="yes"
> FW_MASQUERADE="yes"
> FW_MASQ_DEV="$FW_DEV_EXT"
> FW_MASQ_NETS="192.168.0.0/16 10.0.0.0/16"
> FW_PROTECT_FROM_INTERNAL="no"
> FW_AUTOPROTECT_SERVICES="yes"
> FW_SERVICES_EXT_TCP="25 80"
> FW_SERVICES_EXT_UDP="" # Common: domain
> FW_SERVICES_EXT_IP=""
> FW_SERVICES_DMZ_TCP=""
> FW_SERVICES_DMZ_UDP=""
> FW_SERVICES_DMZ_IP=""
> FW_SERVICES_INT_TCP="23 25 53 110 119 3128"
> FW_SERVICES_INT_UDP="23 25 53 110 119"
> FW_SERVICES_INT_IP=""
> FW_TRUSTED_NETS="192.168.0.0/16 10.0.0.0/16"
> FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes"
> FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes"
> FW_SERVICE_AUTODETECT="yes"
> FW_SERVICE_DNS="no"
> FW_SERVICE_DHCLIENT="no"
> FW_SERVICE_DHCPD="no"
> FW_SERVICE_SQUID="yes"
> FW_SERVICE_SAMBA="no"
> FW_FORWARD=""
> FW_FORWARD_MASQ=""
>
> FW_REDIRECT="192.168.0.0/16,0/0,tcp,80,3128 192.168.0.0/16,0/0,tcp,21,3128
> 192.168.0.0/16,0/0,udp,80,3128 192.168.0.0/16,0/0,udp,21,3128
> 192.168.0.0/16,0/0,tcp,443,3128 192.168.0.0/16,0/0,udp,443,3128
> 192.168.0.0/16,0/0,tcp,563,3128 192.168.0.0/16,0/0,udp,563,3128"
>
> FW_LOG_DROP_CRIT="yes"
> FW_LOG_DROP_ALL="no"
> FW_LOG_ACCEPT_CRIT="yes"
> FW_LOG_ACCEPT_ALL="no"
> FW_LOG="--log-level warning --log-tcp-options --log-ip-option --log-prefix
> SuSE-FW"
> FW_KERNEL_SECURITY="yes"
> FW_STOP_KEEP_ROUTING_STATE="no"
> FW_ALLOW_PING_FW="yes"
> FW_ALLOW_PING_DMZ="yes"
> FW_ALLOW_PING_EXT="no"
>
>
>
>
#-------------------------------------------------------------------------#
> #
#
> # EXPERT OPTIONS - I left them on default!! #
> #
#
>
#-------------------------------------------------------------------------#
>
>
> --
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx


< Previous Next >
References