[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] Can't access internet with SuSE FW2
-----BEGIN PGP SIGNED MESSAGE-----
Michael Hoeller <MichaelHoeller@xxxxxxxxxxx> wrote:
> Jan 9 22:39:47 tamboti kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp1 OUT= MA
> C= SRC=22.214.171.124 DST=126.96.36.199 LEN=94 TOS=0x00 PREC=0x00 TTL=60
> ID=0 DF PROTO=UDP SPT=53 DPT=1029 LEN=74
ippp1? are you using isdn? :)
what does your routing look like? try route (as root), its output should
look like this:
knecht:/home/boss # route
Kernel IP Routentabelle
Ziel Router Genmask Flags Metric Ref Use Iface
217.5.xxx.xxx * 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
192.168.0.0 * 255.255.255.0 U 0 0 0 eth1
default 217.5.xxx.xxx 0.0.0.0 UG 0 0 0 ppp0
i'm using t-dsl; ppp0 & eth0 are for the dsl-uplink and eth1 is
connected to a switch. so ppp0 must be the default-route.
> This sounds fairly simple but I couldn't figgure out what is wrong...
> I have attched my settings from /etc/sysconfig/SuSEFirewall2.
> Hope some one can give me a hint I am lost with this one :(
it should work with your fw-config (mine looks similar on a SL 8.0, only
big difference is FW_ALLOW_CLASS_ROUTING="yes"). my guess is that
something is wrong with your routing.
Bastard Administrator in $hell
GPG-Key at http://lists.notified.de/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
-----END PGP SIGNATURE-----
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here