-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi John, On Friday 20 June 2003 17:28, John Lederer wrote:
Jun 20 09:22:22 stpeter kernel: SuSE-FW-DROP-DEFAULT IN=ipsec0 OUT=eth1 SRC=192.168.204.72 DST=10.1.1.55 LEN=84 TOS=0x00 PREC=0x00 TTL=62 ID=7868 DF PROTO=ICMP TYPE=8 CODE=0 ID=54372 SEQ=69 ============================
you have to add an iptables rule in /etc/sysconfig/scripts/SuSEfirewall2.custom ( in the before_spoofing section) and enable (I think it's 26) in /etc/sysconfig/SuSEfirewall2) the custom script because otherwise SuSEfirewall thinks this is an attack of someone spoofing internal addresses... Cheers, Arndt - -- Arndt Faulhaber mailto:arndt.faulhaber@diagnosdata.com gpg-pubkey: http://www.rzuser.uni-heidelberg.de/~afaulhab/arndt.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE+8zEPEin8GFiSP10RAt5VAKC0lNih1tZVOalo1I42y/KjNmZQdwCgsDix +cvF9OZ/sPqZIgSNZlI9Vuk= =AwcL -----END PGP SIGNATURE-----