Mailinglist Archive: opensuse-security (320 mails)

< Previous Next >
Re: [suse-security] DMZ egress access problem
  • From: Arjen Runsink <arjen@xxxxxxxxxxx>
  • Date: Thu, 22 May 2003 10:23:32 +0200
  • Message-id: <1053591812.3ecc89045623b@xxxxxxxxxxxxxxxx>
Hello Maarten

Quoting maarten van den Berg <maarten@xxxxxxx>:

> FW_MASQ_DEV="eth0 eth2"

Hmm, I don't think it is necessary to masquerade on eth2, and just maybe
that is the culprit

> FW_FORWARD="0/0,X.Y.Z.160/28,tcp,80 0/0,X.Y.Z.160/28,tcp,22
> X.Y.Z.160/28,0/0"

This syntax looks correct indeed.
So remove eth2 from FW_MASQ_DEV and the forward rule from dmz to
outside, because I think the fw rules that are setup already should
allow this.

If this does not work have a good look at the routing table on the fw

Als the DMZ if should be the default gw for the servers in the DMZ

BB, Arjen

-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/


< Previous Next >