[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[suse-security] Bug in SuSEfirewall2 when blocking a range of ports with custom rules ?
I just blocked a range of ports via firewall2-custom.rc.config, just as
for target in DROP; do
for chain in input_ext input_dmz input_int forward_int forward_ext
iptables -A $chain -j $target -p tcp --dport 4000:6000
the used section is fw_custom_before_port_handling. The iptables syntax
seem to be okay, but if I do this and connect to the ISP SuSEfirewall2
seem to block every incoming connection, so the connections seems to be
"dead", though establishing the connection is okay.
When blocking a single port e.g. with
iptables -A $chain -j $target -p tcp --dport 4001
it works fine and no problems occur.
So, is there a known problem when blocking a whole range of ports with
the "X:Y" syntax of iptables and SuSEfirewall2 ? The used version is
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here