Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
SuSEFirewall2, smtp, nntp, telnet
  • From: "R. Ullenboom" <rene@xxxxxxxxxxxx>
  • Date: Sun, 27 Jan 2002 10:22:30 +0100
  • Message-id: <00d801c1a714$380d3a20$c700a8c0@xxxxxx>
Hi,
got probs with configuring SuSEFirewall2 (SF2). Transparent proxiing (Squid)
with Web-Browser works. Also Masquerading (ping_to_Internet) From some
aacounts i can get eMail with my eMail-Client (Outlook) over Masq. But I
can't send them. Even telnet through the Firewall for testing mail-traffic
does not work. And at least I tried to get nntp over Squid-SSL and it does
not work. Whats wrong with my configuration:

Thanx 4 help and

Here it is:

FW_DEV_EXT="ppp0"
FW_DEV_INT="eth0"
FW_DEV_DMZ=""
FW_ROUTE="yes"
FW_MASQUERADE="yes"
FW_MASQ_DEV="$FW_DEV_EXT"
FW_MASQ_NETS="192.168.0.0/16 10.0.0.0/16"
FW_PROTECT_FROM_INTERNAL="no"
FW_AUTOPROTECT_SERVICES="yes"
FW_SERVICES_EXT_TCP="25 80"
FW_SERVICES_EXT_UDP="" # Common: domain
FW_SERVICES_EXT_IP=""
FW_SERVICES_DMZ_TCP=""
FW_SERVICES_DMZ_UDP=""
FW_SERVICES_DMZ_IP=""
FW_SERVICES_INT_TCP="23 25 53 110 119 3128"
FW_SERVICES_INT_UDP="23 25 53 110 119"
FW_SERVICES_INT_IP=""
FW_TRUSTED_NETS="192.168.0.0/16 10.0.0.0/16"
FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes"
FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes"
FW_SERVICE_AUTODETECT="yes"
FW_SERVICE_DNS="no"
FW_SERVICE_DHCLIENT="no"
FW_SERVICE_DHCPD="no"
FW_SERVICE_SQUID="yes"
FW_SERVICE_SAMBA="no"
FW_FORWARD=""
FW_FORWARD_MASQ=""

FW_REDIRECT="192.168.0.0/16,0/0,tcp,80,3128 192.168.0.0/16,0/0,tcp,21,3128
192.168.0.0/16,0/0,udp,80,3128 192.168.0.0/16,0/0,udp,21,3128
192.168.0.0/16,0/0,tcp,443,3128 192.168.0.0/16,0/0,udp,443,3128
192.168.0.0/16,0/0,tcp,563,3128 192.168.0.0/16,0/0,udp,563,3128"

FW_LOG_DROP_CRIT="yes"
FW_LOG_DROP_ALL="no"
FW_LOG_ACCEPT_CRIT="yes"
FW_LOG_ACCEPT_ALL="no"
FW_LOG="--log-level warning --log-tcp-options --log-ip-option --log-prefix
SuSE-FW"
FW_KERNEL_SECURITY="yes"
FW_STOP_KEEP_ROUTING_STATE="no"
FW_ALLOW_PING_FW="yes"
FW_ALLOW_PING_DMZ="yes"
FW_ALLOW_PING_EXT="no"



#-------------------------------------------------------------------------#
# #
# EXPERT OPTIONS - I left them on default!! #
# #
#-------------------------------------------------------------------------#


< Previous Next >