Board index Linux Networking

Trying to Get Firewall Going with SUSE 7.2 Pro

Trying to Get Firewall Going with SUSE 7.2 Pro

Post by Gary Lindgre » Thu, 18 Oct 2001 13:56:17



I'm trying to get the firewall up and running. Using SuSefirewall. I have
START_FW set to "yes" in /etc/rc.config but do I also need to set
"IP_FORWARD" to "yes" in the same file. Instructions don't say anthing about
this item. I'm not using masquerrading, since I have static IPs. However,
I'm using 192.168.1.1 as IP for eth1. Both cards are working OK and can the
internet(if IP is set). However I can't ping 192.168.1.1 from the internal
client. What do I enter for FW_SERVICES_INTERNAL_TCP, this is blank now.
Thank you
Gary
 
 
 
Top

Trying to Get Firewall Going with SUSE 7.2 Pro

Post by David Efflan » Fri, 19 Oct 2001 10:23:29



> I'm trying to get the firewall up and running. Using SuSefirewall. I have
> START_FW set to "yes" in /etc/rc.config but do I also need to set
> "IP_FORWARD" to "yes" in the same file. Instructions don't say anthing about
> this item. I'm not using masquerrading, since I have static IPs. However,
> I'm using 192.168.1.1 as IP for eth1. Both cards are working OK and can the
> internet(if IP is set). However I can't ping 192.168.1.1 from the internal
> client. What do I enter for FW_SERVICES_INTERNAL_TCP, this is blank now.
> Thank you
> Gary

Yes you need IP_FORWARD set to yes if you want to forward anything between
network interfaces.

If FW_PROTECT_FROM_INTERNAL is "no", you do not need anything for
FW_SERVICES_INTERNAL_TCP.  If "yes" then you need to specify _everything_
you want to allow to connect internally to the firewall (or at least low
ports or ports that are otherwise blocked).

Sounds like you either have ping disabled on your firewall or a routing
problem on your internal boxes (do they have at least a host route to
192.168.1.1, along with it as default gw?).

--
David Efflandt - All spam is ignored - http://www.de-srv.com/
http://www.autox.chicago.il.us/  http://www.berniesfloral.net/
http://cgi-help.virtualave.net/  http://hammer.prohosting.com/~cgi-wiz/

 
 
 
Top

1. DSL Router w/ Static IP on Suse 7.2 pro

I am having serious problems (and am very new to Linux) and I was hoping
someone could help me.

My Linux machine is attached to a DSL (Linksys 4 port ) router. Suse Linux
7.2 is freshly installed, no modifications.

When I set the router to act as a DHCP, everything works great. The Linux
machine can access the web, and other computers on the network. However the
Linux machine MUST use a static IP (as the router will have to forward HTTP
commands, and can only forward ports if DHCP is NOT enabled)

So, I set the router DHCP function to off.
I go to the KDE control center, and select Network/Basic: LAN
From there I select the Ethernet card (eth0) and edit it. I type in the
static IP address and the Netmask (the IP address is not being used by
another machine)
I save and restart.

While the Linux machine can still see other computers on the network, it can
no longer access the internet.

Does anybody know what I am doing wrong? Using DHCP on the Router and Linux
box and I get internet fine, but switch to static IP and I loose internet.
Any ideas?

Nick

2. gdb, KDevelop 1.4

3. SuSE 7.2 Pro Distro FTP Site?

4. Mutiple

5. Email setup on SuSe 7.2 Pro

6. Redhat 5.1 swap settings.

7. DLink DFE 530 TX + SuSE Linux 7.2 pro

8. OT Q: cygwin tools updates? gjc support?

9. Logitech QuickCam Pro 3000 and SuSE 7.2

10. SUSE 7.2 Pro and Compaq ProLiant ML 370 Fan-regulation

11. Getting an Allied Telesyn Card going on RH 7.2

12. SuSE firewall 7.2. Slow booting...

13. Problems getting HSP56 MicroModem to work with SuSE 7.2


All times are UTC
Board index