
[suse-security] Question regarding WLAN security & FW2



Hello list,

I hope this is the correct ML for my question:
I have a SuSE 9.1 based system, which acts as server for several
services.
Right now there are three NICs (interface eth0, eth1, ath0).
eth0 points to the internal LAN (192.168.10.0/24)
eth1 might point to the internet (DSL line)
ath0 points to the wireless LAN (192.168.40.0/24)

Several hardware wlan-routers have options to accept/deny access based
on MAC addresses.
And as far as I understood my chances on Linux, I have to do this via
iptables ....

So I checked FW2, and I guess my only chance to install this is by
editing two files:
/etc/sysconfig/SuSEfirewall2 &
/etc/sysconfig/scripts/SuSEfirewall2-custom
Is that correct??

Next point is:
how do I have to configure it correctly?
I hope it's not totally wrong this way:
/etc/sysconfig/SuSEfirewall2
    FW_DEV_EXT="ppp0"
    FW_DEV_INT="eth0 ath0"
    FW_ROUTE="yes"
    FW_MASQUERADE="yes"
    FW_MASQ_DEV="$FW_DEV_EXT"
    FW_MASQ_NETS="192.168.10.0/24 192.168.40.0/24"
    [...]
    FW_CUSTOMRULES="/etc/sysconfig/scripts/SuSEfirewall2-custom"
&
/etc/sysconfig/scripts/SuSEfirewall2-custom:
    iptables -A FORWARD -m mac --mac-source 00:01:02:03:04:05 -j ACCEPT

I didn't activate it till now, as I'm not sure if it'll work ... or what
it has to look like.

Could you give me a hand? Or some advice?

Thanks in advance!
Torsten
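
Added example, not part of the original message and not SuSEfirewall2's own code: a shell function that prints the iptables commands for a MAC allow-list bound to the wireless interface, using a dedicated chain so unlisted addresses are dropped and listed ones continue through the normal rules. The chain name wlan_mac and the second MAC address are assumptions made for illustration; the output is meant for the custom rules file named in the message.

```shell
#!/bin/sh
# Added example: print (not execute) iptables commands for a MAC allow-list.
# The chain name wlan_mac is a hypothetical choice, not a SuSEfirewall2 name.
WLAN_IF="ath0"
MAC_CHAIN="wlan_mac"

# Succeeds only for six colon-separated hex octets.
is_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# Reads one MAC per line on stdin ('#' comments and blank lines allowed).
# Prints the full rule set, or prints nothing and returns 1 when an entry is
# malformed or the list is empty, so a typo never yields a partial rule set.
gen_mac_rules() {
    ifc=$1
    rules=""
    while IFS= read -r line || [ -n "$line" ]; do
        mac=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')
        [ -z "$mac" ] && continue
        if ! is_mac "$mac"; then
            echo "invalid MAC entry: $mac" >&2
            return 1
        fi
        rules="${rules}iptables -A $MAC_CHAIN -m mac --mac-source $mac -j RETURN
"
    done
    [ -n "$rules" ] || { echo "empty allow-list, refusing" >&2; return 1; }
    printf 'iptables -N %s\n' "$MAC_CHAIN"
    printf '%s' "$rules"
    # Anything arriving on the wireless interface from an unlisted MAC stops here.
    printf 'iptables -A %s -j DROP\n' "$MAC_CHAIN"
    # -I puts the jump ahead of rules already in the chain; the mac match
    # works only on incoming packets (PREROUTING, INPUT, FORWARD).
    printf 'iptables -I INPUT -i %s -j %s\n' "$ifc" "$MAC_CHAIN"
    printf 'iptables -I FORWARD -i %s -j %s\n' "$ifc" "$MAC_CHAIN"
}

# Constructed sample list; the first address is the one used in the message.
gen_mac_rules "$WLAN_IF" <<'EOF'
00:01:02:03:04:05   # client from the message
00:0A:0B:0C:0D:0E   # constructed second client
EOF
```

Listed clients RETURN to the normal rule set instead of being accepted outright, so the rest of the firewall policy still applies to them. The mac match compares only the source address carried in the frame, so it filters by address and is not authentication.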


