shimi wrote:
--=-7G5597OKp5n0BqgELTUE Content-Type: text/plain Content-Transfer-Encoding: 7bit
On Sun, 2005-03-13 at 15:10 +0200, Daniel Feiglin wrote:
I have the SuSE firewall installed, which is supposed to do this. YaST offers a 4 step procedure, and here are my settings:
1. Select interfaces to protect (internal eth0, external eth1). I did not add dsl0 to the latter. 2. Configure services that should be available: ssh, http, https 3. Firewall: Forward traffic & do maquerading on; Features: Protect all running services, allow traceroute 4. Logging: critical dropped and accepted packets only
That's it.
It seems that there is some manual stuff to do ... and a bit more reading.
Can you show us the output of /sbin/iptables -L (or /sbin/ipchains -L, whatever works), so we can make sure that the firewall is indeed masquerading what's needed?
iptables -L produces a ton of output. I'm sending it to you privately as an attachment. Later we can publish the relevant/interesting parts to the list.
Shimi
--=-7G5597OKp5n0BqgELTUE Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 7bit
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN"> <HTML> <HEAD> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8"> <META NAME="GENERATOR" CONTENT="GtkHTML/3.2.5"> </HEAD> <BODY> On Sun, 2005-03-13 at 15:10 +0200, Daniel Feiglin wrote: <BLOCKQUOTE TYPE=CITE> <PRE>
<FONT COLOR="#000000">I have the SuSE firewall installed, which is supposed to do this. YaST offers a 4 step procedure, and here are my settings:</FONT>
<FONT COLOR="#000000">1. Select interfaces to protect (internal eth0, external eth1). I did not add dsl0 to the latter.</FONT> <FONT COLOR="#000000">2. Configure services that should be available: ssh, http, https</FONT> <FONT COLOR="#000000">3. Firewall: Forward traffic & do maquerading on; Features: Protect all running services, allow traceroute</FONT> <FONT COLOR="#000000">4. Logging: critical dropped and accepted packets only</FONT>
<FONT COLOR="#000000">That's it.</FONT>
<FONT COLOR="#000000">It seems that there is some manual stuff to do ... and a bit more reading.</FONT>
</PRE> </BLOCKQUOTE> <BR> Can you show us the output of /sbin/iptables -L (or /sbin/ipchains -L, whatever works), so we can make sure that the firewall is indeed masquerading what's needed?<BR> <BR> Shimi </BODY> </HTML>
--=-7G5597OKp5n0BqgELTUE--
================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
