Mailinglist Archive: opensuse-security (485 mails)

< Previous Next >
Re: firewall help..
  • From: Stefan Tichy <nobody@xxxxxxxxxxxxxxxxx>
  • Date: Tue, 2 Mar 2004 19:04:55 +0100
  • Message-id: <20040302180455.GA13824@xxxxxxxxxxxxxxxx>
On Tue, Mar 02, 2004 at 05:51:52PM +0100, maarten van den Berg wrote:
> On Tuesday 02 March 2004 17:05, Gilmore, Eric wrote:
> > Can anyone give me a clue? The basics are:

> Hm... reading on I notice you don't use the Suse firewall filter. Why not ?

The listing of iptables rules looks strange. There is an allow
policy and there are lots of allow rules, but nothing is denied.
There are LOG targets at the end. They will not log anything because
the pakets have already been accepted.

The rule specifications for POSTROUTING chain are probably
uneccessary. I am not shure, because I did not really find out what
you are trying to do.

Maybe it is easier to use the SuSE firewall script to generate the
iptables rules (that is what SuSE firewall does).


> > -afp (apple) connections from anywhere
>
> See samba, the services are fairly similar.

In addition to the filter rules it is neccessary to allow the
connection with some /etc/hosts.allow entry.


--
Stefan Tichy ( s.list at pi4tel dot de )

< Previous Next >