[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] susefirewall2 problem (SuSE 10.1) [solved]



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


The Sunday 2006-07-23 at 16:29 +0200, Jan Ritzerfeld wrote:


> You should check your /etc/sysconfig/SuSEfirewall2. E.g., by using
> grep -v "#" /etc/sysconfig/SuSEfirewall2
> to ensure that all options are well-formed (KEY="VALUE"). If so, try to 
> comment out all options and re-add them one by one until the problem is 
> triggered.

As far as I can see, they are all well formed, no "#" appears in the 
output. I can't simply delete everything, that would be the same as 
removing the firewall. 


[...]


Actually, I just saw a mistaken line:

FW_TRUSTED_NETS="192.168.1.11,tcp,ftp 192.168.1.11,tcp,ftp-data \
## Type:        string
## Default:
 192.168.1.11,tcp,ssh \
     192.168.1.1,udp,tftp"


I removed the comments in the middle and the error got corrected. I can't 
understand how they got there :-O



> > I'm also getting some strange errors, maybe non related:
> >
> > Jul 23 13:13:16 nimrodel kernel: SFW2-OUT-ERROR IN= OUT=eth0
> > SRC=192.168.1.12 DST=134.76.11.100 LEN=52 TOS=0x00 PREC=0x00 TTL=64
> > ID=61663 DF PROTO=TCP SPT=24438 DPT=80 WINDOW=2184 RES=0x00 ACK FIN
> > URGP=0 OPT (0101080A0002D56B70A5E356)
> > (...).
> 
> Hmm, you already experienced such log entries some months ago. :)
> http://lists.suse.com/archive/suse-security/2006-Apr/0056.html

True enough. But this is the first time I noticed them appearing in the 
log at the same time as I clicked somewhere, ie, repeatable. And 
previously it was 9.3, now it is 10.1


- -- 
Cheers,
       Carlos E. R.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Made with pgp4pine 1.76

iD8DBQFEw8ewtTMYHG2NR9URAu8MAJ0QdCCxQ4Z7zqL1UGcu6QyXASnVqgCdGecT
pLVnshV25RHrw+zQoj9NLFA=
=TTJa
-----END PGP SIGNATURE-----


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here