[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[suse-security] susefirewall2 and internal/external interface

Hello, happy 9.1 personal user here :D

I've got few questions regarding SuSEfirewall2 configuration with yast2. I 
have got dsl connection with dsl0 and eth0 (home workstation).

1. In my case, dsl0 is the external interface, and eth0 is internal, right? Or 
should i chose <none> as the internal device?

2. What firewall features should I enable to be able to use edonkey network 
with additional iptable rules?
Forward Traffic and Do Masquerading?
Protect from Internal Network?
Allow Traceroute?
Protect All Running Services?
Treat IPsec Traffic as Interal?

3. On suse 9.0 I opened tcp/udp ports like this:
# su
# netstat -ltupn | grep xmule (to see which ports need to be open)

# IPTABLES -A INPUT -p tcp --dport 4662 -m state --state 

# IPTABLES -A INPUT -p udp --dport 4665 -m state --state 

# IPTABLES -A INPUT -p udp --dport 4672 -m state --state 

But now, on 9.1 it does not work, I allways get lowid.

I also noticed that iptable rules disappear after reconnect?!?
#iptables -L -v
Should I save them? How? What does the iptables-save do?
Should I restart the firewall after adding rules? Should I reboot?

Aaaargh... not so happy suse user anymore!


Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here