Mailinglist Archive: opensuse-security (485 mails)

< Previous Next >
Re: [suse-security] cant acces domains who are running in my box
  • From: Armin Schoech <armin.schoech@xxxxxx>
  • Date: Tue, 9 Mar 2004 11:06:06 +0000 (GMT)
  • Message-id: <Pine.LNX.4.58.0403091102270.13043@xxxxxxxxxxxxxxxxxxxxx>
Hi !

> I have a problem whit the susefirewall. My internal network cant access my
> webserver and pop and more. When i connect to the IP witch suse have
> (192.168.1.10) then there is no problem. When i try to connect to
> www.mydomain.com then i have a problem. This problem i have only whit
> domains who are running on my box. So i can access al the other interet
> pages.
>
This is called anti-spoofing. On the external interface, only packets
from the internet can arrive. Packets with internal source IP should
only arrive on the internal interface of the firewall.

This has been discussed a number of times. You can either add your own
iptables rules to /etc/sysconfig/scripts/SuSEfirewall2-custom

or maybe make your webserver listen on the internal interface as well.
Have a look at the "BindAddress" line in your httpd.conf file.

HTH,
Armin


--
Am Hasenberg 26 office: Institut für Atmosphärenphysik
D-18209 Bad Doberan Schloss-Straße 6
Tel. ++49-(0)38203/42137 D-18225 Kühlungsborn / GERMANY
Email: schoech@xxxxxxxxxxxx Tel. +49-(0)38293-68-102
WWW: http://armins.cjb.net/ Fax. +49-(0)38293-68-50

< Previous Next >
This Thread
References