I done modifications but i don't see my web server from internet and from inter network
--- Togan Muftuoglu
I use Suse 8.0 and Susefirewall2 # # 9.) FW_SERVICES_EXT_TCP="www http https imap imaps pop3 pop3s smtp"
This is definining the services that are running on the FIREWALL mchine itself. So if your webserver is on the DMZ *you_do_not* put http www https here.
FW_SERVICES_EXT_UDP="www"
leave blank
FW_SERVICES_DMZ_TCP="www" leave blank
FW_SERVICES_DMZ_UDP="www" leave blank
FW_SERVICES_INT_TCP="www"
leave blank
FW_SERVICES_INT_UDP="www"
leave blank
# # 13.) FW_FORWARD="0/0,192.168.5.2,tcp,80"
No leave blank this is only if you have a valid IP that is used in the dmz
# # 14.) FW_FORWARD_MASQ=""
here enter 0/0,192.168.5.2.tcp,80
The document does explain the meaning of the parameters and do has examples. If you have just looked thru may I suggest you reread it. Use of the FW_FORWARD_MASQ is explained on page 22 and there is an example on page 24 (taken from the SuSEfirewall2 documentation)
http://dinamizm.ath.cx/articles/firewall2.pdf ftp://dinamizm.ath.cx/documents/firewall2.pdf
--
Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
___________________________________________________________ Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français ! Yahoo! Mail : http://fr.mail.yahoo.com