Mailinglist Archive: opensuse-security (375 mails)

< Previous Next >
Re: [suse-security] SuSEfirewall2 on 8.0 masq problem
  • From: Volker Kuhlmann <hidden@xxxxxxxxxxxxxxx>
  • Date: Wed, 4 Sep 2002 21:06:02 +1200
  • Message-id: <20020904090602.GC16176@xxxxxxxxxxxxxxx>
> Maybe you get a problem here with the access to the DMZ server from the
> internal network to the external IP address.

The internal machines use the private IP of the server. The server is
pingable, albeit no response from port 80.


I only have 1 external IP and 1 server.

> No ping, nothing!? What about the logs on the firewall?

The logs indicate that packets disappear on the firewall without trace.

> You need access from the internet to your domain name server!?
> You have a ntp server (like xntpd) on the firewall which must reachable from
> the internet only?

Ignore these exact settings for now, it's not part of the problem (and
yes, your xntp daemon reads the time servers on port 123).

> >,,tcp,80
> >,,tcp,443

> Uohhhh, that can't work well, I think, better is:
>,,tcp,80 \
>,,tcp,443 \

That makes absolutely no difference (tried that before posting, and
again now). iptables -nvL shows a lot of rules with ACCEPT target and
with ports 143 and 123 (didn't check the other ports).


Volker Kuhlmann is possibly list0570 with the domain in header Please do not CC list postings to me.

< Previous Next >