Mailinglist Archive: opensuse-security (334 mails)

< Previous Next >
Re: [suse-security] Cipe starts before firewalldaemon on SuSe-Live CD
  • From: Alex <xander.r@xxxxxx>
  • Date: Thu, 11 Sep 2003 12:38:53 +0200
  • Message-id: <1063276733.10034.26.camel@xxxxxxxxxxxxxx>
On Thu, 2003-09-11 at 11:58, Jan Frederik Pielhau wrote:
> Hi there.
>
> We've got a SuSe Linux Firewall on CD 2 and use CIPE to connect a branch office.
> Because the remote network is on a dialup-line, we use the cipe's ip-up script to
> insert some iptables rules for the network connection between the LANs.
Why do you put the iptables rules in the cipe script? You have to create
a cipe chain in the firewall script; with fas GUI is very simple: go to
IP-Filter and NAT menu, choose Expert Configuration and New Chain in IP
Filter Menu, add your rules there.
For example you could create 2 chains: one that accepts the key from
your peer and another that forwards the traffic between the 2 lans
trough the cipe interface; the first will be added in the INPUT chain
and the second in the FORWARD chain.
Don't forget to start cipe deamon by hand on the floppy in
/etc/rc.config

Anyway I suggest you to join the suse-fwoncd list:
http://lists.suse.com/archive/suse-fwoncd/

Ciao




< Previous Next >