[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] DMZ and SuSE firewall



(After sending this mail just to Togan I reallized I read the wrong document, 
sorry, Togan!)

Hi, thanks for your post! I have downloaded the document, found some 
information about suse firewalls on that document, but it brought me to:

/usr/share/doc/packages/SuSEfirewall2/suseSuSEfirewall2.sysconfig.EXAMPLE
and:
/usr/share/doc/packages/SuSEfirewall2/EXAMPLES

And got to this configuration on both firewalls:

Internal firewall:
-------------------
FW_DEV_INT="eth0"
FW_DEV_DMZ="eth1"
FW_ROUTE="yes"
FW_MASQUERADE="yes"
FW_KERNEL_SECURITY="yes"

External firewall:
-------------------
FW_DEV_EXT="eth0"
FW_DEV_DMZ="eth1"
FW_ROUTE="no"
FW_MASQUERADE="yes"
FW_MASQ_DEV="$FW_DEV_EXT"
FW_AUTOPROTECT_SERVICES="yes"
FW_FORWARD="IP_FIREWALL_EXTERNAL_INTERFACE,IP_SERVER_ON_THE_DMZ,tcp,80"
FW_KERNEL_SECURITY="yes"

What do you think? Good? Bad? Ugly?



-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here