it may also be a TCPIP/NAT issue, not necessarily the firewall.
regards,
michael
----- Original Message -----
From: "James Bliss"
This has been an ongoing conversation on the SLE mailing list off and on. This is an issue with the anti-spoofing rules with the firewall2 configuration (a valid security implementation by the way)
First off. we need a view of what the following command provides: grep -v ^# /etc/rc.config.d/firewall2.rc.config
Also, I would suggest adding: At the end of firewall2.rc.config: Section 25. )
FW_CUSTOMRULES="/etc/rc.config.d/firewall2-custom.rc.config"
Then in firewall2-custom.rc.config: In the fw_custom_before_antispoofing() section add: iptables -A INPUT -i
-s -d (external IP address> -j ACCEPT This line should look like: iptaqbles -A INPUT -i eth0 -s 192.168.1.0/24 -d 1.1.1.1 -j ACCEPT 192.169.1.0 should be your internal address range with a 0 at the end. 1.1.1.1 should be the IP address of you external interface.
Then let us know what your resolution is. And we can proceed from there.
(Thanks Togan for the grep command, that is very useful).
Jim