[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] susefirewall2 problem (SuSE 10.1) [solved]

Hash: SHA1

The Sunday 2006-07-23 at 16:29 +0200, Jan Ritzerfeld wrote:

> You should check your /etc/sysconfig/SuSEfirewall2. E.g., by using
> grep -v "#" /etc/sysconfig/SuSEfirewall2
> to ensure that all options are well-formed (KEY="VALUE"). If so, try to 
> comment out all options and re-add them one by one until the problem is 
> triggered.

As far as I can see, they are all well formed, no "#" appears in the 
output. I can't simply delete everything, that would be the same as 
removing the firewall. 


Actually, I just saw a mistaken line:

FW_TRUSTED_NETS=",tcp,ftp,tcp,ftp-data \
## Type:        string
## Default:,tcp,ssh \,udp,tftp"

I removed the comments in the middle and the error got corrected. I can't 
understand how they got there :-O

> > I'm also getting some strange errors, maybe non related:
> >
> > Jul 23 13:13:16 nimrodel kernel: SFW2-OUT-ERROR IN= OUT=eth0
> > SRC= DST= LEN=52 TOS=0x00 PREC=0x00 TTL=64
> > ID=61663 DF PROTO=TCP SPT=24438 DPT=80 WINDOW=2184 RES=0x00 ACK FIN
> > URGP=0 OPT (0101080A0002D56B70A5E356)
> > (...).
> Hmm, you already experienced such log entries some months ago. :)
> http://lists.suse.com/archive/suse-security/2006-Apr/0056.html

True enough. But this is the first time I noticed them appearing in the 
log at the same time as I clicked somewhere, ie, repeatable. And 
previously it was 9.3, now it is 10.1

- -- 
       Carlos E. R.

Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Made with pgp4pine 1.76


Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here