[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Can't access internet with SuSE FW2

Hash: SHA1

Michael Hoeller <MichaelHoeller@xxxxxxxxxxx> wrote:
> Jan  9 22:39:47 tamboti kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp1 OUT= MA
> C= SRC= DST= LEN=94 TOS=0x00 PREC=0x00 TTL=60
> ID=0 DF PROTO=UDP SPT=53 DPT=1029 LEN=74

ippp1? are you using isdn? :)

what does your routing look like? try route (as root), its output should
look like this:

knecht:/home/boss # route
Kernel IP Routentabelle
Ziel            Router          Genmask         Flags Metric Ref Use Iface
217.5.xxx.xxx   *      UH    0      0   0   ppp0     *        U     0      0   0   eth0     *        U     0      0   0   eth1
default         217.5.xxx.xxx         UG    0      0   0   ppp0

i'm using t-dsl; ppp0 & eth0 are for the dsl-uplink and eth1 is
connected to a switch. so ppp0 must be the default-route.

> This sounds fairly simple but I couldn't figgure out what is wrong... 
> I have attched my settings from /etc/sysconfig/SuSEFirewall2. 
> Hope some one can give me a hint I am lost with this one :(

it should work with your fw-config (mine looks similar on a SL 8.0, only
big difference is FW_ALLOW_CLASS_ROUTING="yes"). my guess is that
something is wrong with your routing.

- -- 
Bastard Administrator in $hell
GPG-Key at http://lists.notified.de/
Version: GnuPG v1.2.1 (GNU/Linux)


Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here