[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Help SuSEfirewall2 / ifup / kernel 2.6



Dirk Enrique Seiffert - CaribeNet wrote:
> This morning one of our firewall machines got reboot after a power failure. 
> After startup we were not able to remotely login: For some reason eth0 
> (internal) and eth1 (external) got mixed up. 
> 
> Until SuSE 9.0 yast created for each interface a file named
> ifcfg-eth0, ifcfg-eth1 etc. SuSE 9.1 uses something like 
> ifcfg-eth-id-00:0d:87:74:21:f3, ifcfg-eth-id-00:0d:87:74:21:f4 - ifconfig 
> shows eth0 and eth1 though.
> 
> My silly question is: How does ifup know on bootup which of these interfaces 
> should be eth0 or eth1? Do I have to add a line like ETHERDEVICE=eth0 in 
> ifcfg-eth-id-00:0d:87:74:21:f3 ? 

The kernel assigns the X in ethX which depends on the module load
order, position on the bus, moon phase etc. I.e. you cannot rely on
it to be constant. You never could. Therefore SuSEfirwall2 on 9.1
uses getcfg-interface to get the mapping eth-id* -> ethX. If
eth-id-00:0d:87:74:21:f3 is your external interface, then just use
that string in FW_DEV_EXT instead of ethX. SuSEfirewall2 will always
use the correct interface then.

cu
Ludwig

-- 
 (o_   Ludwig Nussel
 //\   SUSE LINUX AG, Development
 V_/_  http://www.suse.de/

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here