On Sun, Nov 16, 2008 at 1:57 PM, James Knott wrote:
> Edke wrote:
>> Hello guys,
>> I'm replacing SuseFirewall2 with iptables
> ????
> I thought SuSE firewall was a method of configuring Iptables. You don't replace it with Iptables. You can use any method you wish to do the configuration, but it's still Iptables.
I was struggling to create my needed configuration in SuSE firewall, therefore I used iptables directly and wrote a few rules and it works great. The problem with SuSE firewall is that I don't quite understand the logic of internal/external and demilitarized zone. I need to set up the firewall so that it's open to my LAN subnet (192.168.1.0/24) and to the rest only a few ports such as 80, 22. The rest of the traffic should be rejected. And it's so easy with just iptables:

-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.168.1.0/24 -p tcp -m state --state NEW -j ACCEPT
-A INPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT
-A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
-A INPUT -j REJECT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT

--
s pozdravom do zatvy
Edke
G-mail: edke.kraken@gmail.com
ICQ: 47405942
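
An added example, not part of the original message: a small first-match model of the INPUT chain posted above, run over constructed packets to show which rule decides each one. The packet fields, interface name `eth0` and sample addresses are assumptions for illustration; real iptables matching has more dimensions than this model covers.

```python
import ipaddress

# INPUT chain from the message, in order: (match conditions, target).
# A key that is absent matches anything, as an omitted iptables option does.
INPUT_RULES = [
    ({"iface": "lo"}, "ACCEPT"),
    ({"state": {"RELATED", "ESTABLISHED"}}, "ACCEPT"),
    ({"src": "192.168.1.0/24", "proto": "tcp", "state": {"NEW"}}, "ACCEPT"),
    ({"proto": "tcp", "dport": 80, "state": {"NEW"}}, "ACCEPT"),
    ({"proto": "tcp", "dport": 22, "state": {"NEW"}}, "ACCEPT"),
    ({}, "REJECT"),
]

def matches(cond, pkt):
    """True if every condition of one rule holds for the packet."""
    for key, want in cond.items():
        if key == "src":
            if ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(want):
                return False
        elif key == "state":
            if pkt["state"] not in want:
                return False
        elif pkt.get(key) != want:
            return False
    return True

def verdict(pkt, rules=INPUT_RULES):
    """Return (1-based rule number, target) of the first matching rule."""
    for n, (cond, target) in enumerate(rules, 1):
        if matches(cond, pkt):
            return n, target
    return None, "POLICY"  # nothing matched: the chain policy would apply

# Constructed sample packets (not captured traffic).
SAMPLES = {
    "loopback": dict(iface="lo", src="127.0.0.1", proto="tcp", dport=631, state="NEW"),
    "lan_tcp_445": dict(iface="eth0", src="192.168.1.20", proto="tcp", dport=445, state="NEW"),
    "lan_udp_53": dict(iface="eth0", src="192.168.1.20", proto="udp", dport=53, state="NEW"),
    "wan_tcp_22": dict(iface="eth0", src="203.0.113.5", proto="tcp", dport=22, state="NEW"),
    "wan_tcp_3306": dict(iface="eth0", src="203.0.113.5", proto="tcp", dport=3306, state="NEW"),
    "wan_reply": dict(iface="eth0", src="203.0.113.5", proto="tcp", dport=40000, state="ESTABLISHED"),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:14} -> rule {verdict(pkt)}")
```

In this model new UDP from the LAN falls through to the final REJECT, because the subnet rule carries `-p tcp`.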