Mailinglist Archive: opensuse-security (228 mails)

< Previous Next >
Re: [suse-security] SuSE 9.2 + SuSEfirewall2 + nfs problems
  • From: Ludwig Nussel <ludwig.nussel@xxxxxxx>
  • Date: Tue, 15 Mar 2005 16:42:36 +0100
  • Message-id: <20050315154236.GB25803@xxxxxxx>
Simon Oliver wrote:
> > > Mar 15 09:38:55 zzz kernel: SFW2-INext-DROP-DEFLT-INV
> > IN=eth0 OUT= MAC=00:0d:56:
> > > b8:5a:f4:08:00:69:0d:9a:2e:08:00 SRC=130.88.xxx.yyy
> > DST=130.88.xxx.zzz LEN=40 TOS
> > > =0x00 PREC=0x00 TTL=60 ID=12095 DF PROTO=TCP SPT=757
> > DPT=2049 WINDOW=32761 RES=0
> > > x00 ACK RST URGP=0
> >
> > Conntrack thinks those packets are invalid for some reason. Do you
> > have the latest kernel available through YaST Online Update? There
> > have been issues with tcp window tracking but I thought they were
> > fixed already.
> >
> I have kernel 2.6.8-24.11-smp (the latest available I believe)

That's strange. I'd suggest you to start from scratch and then post
your /etc/sysconfig/SuSEfirewall2 file. Just copy
/var/adm/fillup-templates/sysconfig.SuSEfirewall2 to
/etc/sysconfig/SuSEfirewall2 to restore the default configuration
file.

cu
Ludwig

--
(o_ Ludwig Nussel
//\ SUSE LINUX Products GmbH, Development
V_/_ http://www.suse.de/

< Previous Next >