
Re: [suse-security] susefirewall2 problem (SuSE 10.1)



On Sunday, 23 July 2006 13:17, Carlos E. R. wrote:

I've trimmed your error messages:

> iptables v1.3.5: host/network `##' not found
> iptables v1.3.5: host/network `Type:' not found
> iptables v1.3.5: host/network `string' not found
> iptables v1.3.5: host/network `##' not found
> iptables v1.3.5: host/network `Default:' not found

> I worry about the "not found" errors. How do I find out what is the exact
> problem?

Have a look at your /etc/sysconfig/SuSEfirewall2, e.g.:
## Path:        Network/Firewall/SuSEfirewall2
## Description: SuSEfirewall2 configuration
## Type:        string
## Default:     any

Obviously, parts of a comment get passed to iptables-batch/iptables.

> A bug of mine or of SuSE? It does not report the problematic 
> file or line.

SuSEfirewall2 does not recognize that error and, thus, silently passes 
wrong parameters. Then, iptables-batch/iptables complains about them.

> The configuration is the same I had with 9.3, and it worked with no
> errors, AFAIK.

You should check your /etc/sysconfig/SuSEfirewall2. E.g., by using
grep -v "#" /etc/sysconfig/SuSEfirewall2
to ensure that all options are well-formed (KEY="VALUE"). If so, try to 
comment out all options and re-add them one by one until the problem is 
triggered.

> I'm also getting some strange errors, maybe non related:
>
> Jul 23 13:13:16 nimrodel kernel: SFW2-OUT-ERROR IN= OUT=eth0
> SRC=192.168.1.12 DST=134.76.11.100 LEN=52 TOS=0x00 PREC=0x00 TTL=64
> ID=61663 DF PROTO=TCP SPT=24438 DPT=80 WINDOW=2184 RES=0x00 ACK FIN
> URGP=0 OPT (0101080A0002D56B70A5E356)
> (...).

Hmm, you already experienced such log entries some months ago. :)
http://lists.suse.com/archive/suse-security/2006-Apr/0056.html

Regards
 Jan
-- 
Ambition is a poor excuse for not having enough sense to be lazy.
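
Added example (not part of the message above and not SuSEfirewall2's own code): a shell function that performs the KEY="VALUE" well-formedness check suggested in the reply and reports the offending line numbers. It assumes the file is read as shell variable assignments, so an unclosed quote pulls the following comment lines into the value; the function name and message wording are made up for this example.

```shell
#!/bin/sh
# check_sysconfig FILE
# Prints one "LINE: reason: text" entry for every line that is not blank,
# not a comment, and not a single-line KEY="VALUE" assignment.
# Returns 1 if anything was reported, 0 if the file is clean.
check_sysconfig() {
    awk '
        inval {
            # Still inside a value whose closing quote is missing: a shell
            # reading this file treats the line as part of that value.
            printf "%d: swallowed into %s (opened on line %d): %s\n", NR, key, start, $0
            # Approximation: the first later line containing a quote ends it.
            if ($0 ~ /"/) inval = 0
            next
        }
        /^[ \t]*$/ || /^[ \t]*#/ { next }            # blank or comment line
        /^[A-Za-z_][A-Za-z0-9_]*="[^"]*"[ \t]*$/ { next }   # well-formed
        /^[A-Za-z_][A-Za-z0-9_]*="[^"]*$/ {
            # Opening quote without a closing quote on the same line.
            key = $0; sub(/=.*/, "", key)
            start = NR; inval = 1; bad = 1
            printf "%d: unterminated quote in %s: %s\n", NR, key, $0
            next
        }
        { printf "%d: not KEY=\"VALUE\": %s\n", NR, $0; bad = 1 }
        END { exit bad + 0 }
    ' "$1"
}
```

Called as check_sysconfig /etc/sysconfig/SuSEfirewall2, it names the line where a quote was left open, which grep -v "#" cannot show because it hides the comment lines that ended up inside the value.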