[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Can't access internet with SuSE FW2



Thanks Engelbert,

which miracel with the option "test" it works.. Now I have some more 
lines in var/lop/messages but I can't get some helpfull info from it. 
Is there an other place were I need to look or is the attach info more 
readable for the experts?

Thanks a lot 
Michael

Jan 11 18:44:42 tamboti SuSEfirewall2: Firewall set in TEST mode.
Jan 11 18:44:42 tamboti modprobe: modprobe: Can't locate module ippp1
Jan 11 18:44:43 tamboti kernel: ip_tables: (C) 2000-2002 Netfilter core
 team
Jan 11 18:44:43 tamboti kernel: ip_conntrack version 2.1 (4095 buckets,
 32760 max) - 304 bytes per conntrack
Jan 11 18:44:44 tamboti SuSEfirewall2: Firewall rules successfully set
from /etc/sysconfig/SuSEfirewall2
Jan 11 18:44:53 tamboti ipppd[3232]: Found 1 device:
Jan 11 18:44:53 tamboti ipppd[3233]: ipppd i2.2.12 (isdn4linux version
of pppd by MH) started
Jan 11 18:44:53 tamboti ipppd[3233]: init_unit: 0
Jan 11 18:44:53 tamboti kernel: ippp, open, slot: 1, minor: 1, state: 0
000
Jan 11 18:44:53 tamboti kernel: ippp_ccp: allocated reset data structur
e c7e91800
Jan 11 18:44:53 tamboti ipppd[3233]: Connect[0]: /dev/ippp1, fd: 14
Jan 11 18:44:53 tamboti kernel: ippp1: dialing 1 019103000...
Jan 11 18:44:53 tamboti isdnlog: Jan 11 18:44:53 * tei 83 calling vr-we
b with ?  RING (Data)
Jan 11 18:44:55 tamboti isdnlog: Jan 11 18:44:55 tei 83 calling vr-web
with ?  Time:Sun Jan 11 18:44:00 2004
Jan 11 18:44:55 tamboti isdnlog: Jan 11 18:44:55 tei 83 calling vr-web
with ?  CONNECT (Data)
Jan 11 18:44:55 tamboti isdnlog: Jan 11 18:44:55 tei 83 calling vr-web
with ?  INTERFACE ippp1 calling 019103000
Jan 11 18:44:55 tamboti isdnlog: Jan 11 18:44:55 tei 83 calling vr-web
with ?  No area info for provider 33_0 (13), destination 019103000
Jan 11 18:44:55 tamboti kernel: isdn_net: ippp1 connected
Jan 11 18:44:55 tamboti ipppd[3233]: Local number: 0, Remote number: 01
9103000, Type: outgoing
Jan 11 18:44:55 tamboti ipppd[3233]: PHASE_WAIT -> PHASE_ESTABLISHED, i
funit: 1, linkunit: 0, fd: 14
Jan 11 18:44:55 tamboti ipppd[3233]: ioctl(SIOCSIFMTU): Invalid argumen
t, 10 ippp1 1524.
Jan 11 18:44:55 tamboti ipppd[3233]: Remote message:
Jan 11 18:44:55 tamboti ipppd[3233]: MPPP negotiation, He: No We: No
Jan 11 18:44:55 tamboti ipppd[3233]: CCP enabled! Trying CCP.
Jan 11 18:44:55 tamboti ipppd[3233]: CCP: got ccp-unit 0 for link 0 (Co
mpression Control Protocol)
Jan 11 18:44:55 tamboti ipppd[3233]: ccp_resetci!
Jan 11 18:44:55 tamboti kernel: Received CCP frame from peer slot(1)
Jan 11 18:44:55 tamboti kernel: [1/1].ccp-rcv[0]: 01 01 00 09 11 05 00
01 04
Jan 11 18:44:55 tamboti ipppd[3233]: ccp_resetci!
Jan 11 18:44:55 tamboti kernel: Received CCP frame from daemon:
Jan 11 18:44:55 tamboti kernel: [1/1].ccp-xmit[0]: ff 03 80 fd 01 01 00
 04
Jan 11 18:44:55 tamboti kernel: Received CCP frame from daemon:
Jan 11 18:44:55 tamboti kernel: [1/1].ccp-xmit[0]: ff 03 80 fd 04 01 00
 09 11 05 00 01 04
Jan 11 18:44:55 tamboti kernel: Received CCP frame from peer slot(1)
Jan 11 18:44:55 tamboti kernel: [1/1].ccp-rcv[0]: 04 01 00 04
Jan 11 18:44:55 tamboti kernel: Received CCP frame from peer slot(1)
Jan 11 18:44:55 tamboti kernel: [1/1].ccp-rcv[0]: 01 02 00 0a 11 06 00
01 01 03
Jan 11 18:44:55 tamboti ipppd[3233]: ccp_resetci!
Jan 11 18:44:55 tamboti kernel: Received CCP frame from daemon:
Jan 11 18:44:55 tamboti kernel: [1/1].ccp-xmit[0]: ff 03 80 fd 01 02 00
 04
Jan 11 18:44:55 tamboti kernel: Received CCP frame from daemon:
Jan 11 18:44:55 tamboti kernel: [1/1].ccp-xmit[0]: ff 03 80 fd 04 02 00
 0a 11 06 00 01 01 03
Jan 11 18:44:55 tamboti ipppd[3233]: local  IP address 62.227.40.199
Jan 11 18:44:55 tamboti ipppd[3233]: remote IP address 212.185.250.217
Jan 11 18:44:55 tamboti kernel: Received CCP frame from peer slot(1)
Jan 11 18:44:55 tamboti kernel: [1/1].ccp-rcv[0]: 04 02 00 04
Jan 11 18:44:56 tamboti modify_resolvconf: Service ipppd modified /etc/
resolv.conf. See info block in this file
Jan 11 18:44:56 tamboti kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp1 OUT= MA
C= SRC=193.158.141.116 DST=62.227.40.199 LEN=73 TOS=0x00 PREC=0x00 TTL=
57 ID=21402 PROTO=UDP SPT=53 DPT=1025 LEN=53
Jan 11 18:44:56 tamboti kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp1 OUT= MA
C= SRC=193.158.141.116 DST=62.227.40.199 LEN=113 TOS=0x00 PREC=0x00 TTL
=57 ID=20899 PROTO=UDP SPT=53 DPT=1025 LEN=93
Jan 11 18:44:56 tamboti kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp1 OUT= MA
C= SRC=192.53.103.103 DST=62.227.40.199 LEN=76 TOS=0x00 PREC=0x00 TTL=5
5 ID=192 PROTO=UDP SPT=123 DPT=123 LEN=56
Jan 11 18:44:56 tamboti kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp1 OUT= MA
C= SRC=192.53.103.103 DST=62.227.40.199 LEN=76 TOS=0x00 PREC=0x00 TTL=5
5 ID=207 PROTO=UDP SPT=123 DPT=123 LEN=56
Jan 11 18:44:56 tamboti kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp1 OUT= MA
C= SRC=192.53.103.103 DST=62.227.40.199 LEN=76 TOS=0x00 PREC=0x00 TTL=5




engelbert.gruber@xxxxxxxxx wrote:
> On Sun, 11 Jan 2004, Michael Hoeller wrote:
> > I have update my config but I still can't acces the INet when the
> > firewall is up. No problems without the firwall.
> >
> > I am really lost and have no idea what else to check -- maybe
> > someone has an idea or sees what I over see??
>
> SusEfirewall2 test
> does not block anything but logs packes which would get blocked.
>


-- 
Encrypted eMail welcome! 
Get my OpenPGP-Key ID: 0xE9B00731 from: wwwkeys.de.pgp.net


--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here