
[suse-security] susefirewall2 and internal/external interface



Hello, happy 9.1 personal user here :D

I've got a few questions regarding SuSEfirewall2 configuration with yast2. I 
have got a dsl connection with dsl0 and eth0 (home workstation).

1. In my case, dsl0 is the external interface, and eth0 is internal, right? Or 
should I choose <none> as the internal device?

2. What firewall features should I enable to be able to use the edonkey network 
with additional iptables rules?
Forward Traffic and Do Masquerading?
Protect from Internal Network?
Allow Traceroute?
Protect All Running Services?
Treat IPsec Traffic as Internal?

3. On suse 9.0 I opened tcp/udp ports like this:
# su
# netstat -ltupn | grep xmule (to see which ports need to be open)

# iptables -A INPUT -p tcp --dport 4662 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

# iptables -A INPUT -p udp --dport 4665 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

# iptables -A INPUT -p udp --dport 4672 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

But now, on 9.1, it does not work; I always get lowid.

I also noticed that iptables rules disappear after reconnect?!?
# iptables -L -v
Should I save them? How? What does the iptables-save do?
Should I restart the firewall after adding rules? Should I reboot?

Aaaargh... not so happy suse user anymore!
:D

Thanks
Bojan
