Hi Christian! (-: On Montag, 7. Oktober 2002 18:06, bowfingermail@gmx.net wrote:
Hi "D" :) O.K, I should change the pine-config on my server... KMail on my Desktop-PC shows correctly my full name!
PROXY is 192.168.0.6 (and really MASQERADING) SERVER is 192.168.0.1
Actually I only call it "PROXY" because it was one. No it's a router, sorry.
The rules are loaded properly and grepping iptables -L is OK, too. But when trying to open http://<PROXIES-IP>:80 from my PC (routed throug PROXY) the connection times out. Do you see anything wrong when using FW_DROP_* = yes ?
You said, there's no problem with your config. What exactly did you do? I've got a masquerading DSL router-box using SuSEfirewall2 and my server running mail-, dhcp-, dns-,... services for the masqueraded internal home-network. Now I wanted to get via ssh from external internet direct to my server and not to the firewall-machine. I enabled that with the following entries in the firewall2.rc.config: FW_DEV_EXT="ppp0" FW_DEV_INT="eth0" FW_MASQ_NETS="192.168.42.0/24" FW_FORWARD_MASQ="0/0,192.168.42.6,tcp,22" ... and finally this one to get from my internal network via ssh on the firewall-box (without that setting the traffic is redirected to my server and the firewall is not accessible even from internal network) FW_REDIRECT="192.168.42.0/24,192.168.42.5,tcp,22,22"
Ah, hmm just a test: I try to ssh from my masqueraded desktop-PC to ssh to the internet-IP of my firewall and... Oct 8 00:15:39 minasmorgul kernel: SuSE-FW-NO_ACCESS_INT->FWEXT IN=eth0 OUT= MAC=00:e0:7d:82:b3:2f:00:e0:7d:82:ab:5a:08:00 SRC=192.168.42.1 DST=217.84.11.69 LEN=60 TOS=0x10 PREC=0x00 TTL=64 ID=27916 DF PROTO=TCP SPT=32791 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A0023434D0000000001030300) ...it does obviously not work. So I think the mistake is not the SuSEfirewall2-script, but in front of the screen! ;->> Try to connect from an external machine to your redirected webserver and use the internal interface from internal machines. -- Eat, sleep and go running, David Huecking. Encrypted eMail welcome! GnuPG/ PGP-Fingerprint: 3DF2 CBE0 DFAA 4164 02C2 4E2A E005 8DF7 5780 9216