Firewall 2 for SuSE

Firewall 2 for SuSE

Post by Michael Soibelma » Sat, 06 Apr 2002 08:50:32



This message was originaly posted at alt.os.linux.suse.  I haven't got any
replies yet.  Can someone here please help!

In 28 questions I can completely configure SuseFirewall 2 with Yast2.
That is probably the only thing standing between failure and success for my
1st network.  I'm accessing the I-Net from my Gateway and can ping between
Gateway and Client.  I have installed Firewall 2 and now just need to
configure it.  Here is my hardware configuration.  Please walk me thru
this!!

          (ADSL)
              ___Gateway__       __Client___
<<<<<(WWW)---|            |     |            |
             | eth0       |     |    eth0    |
             | 10.0.0.1   |     |192.168.1.2 |
             |  (temp)    |     |(192.168.1.1|
             |            |     | as default |                              
             | eth1       |     | gateway)   |
             | 192.168.1.1|-----|            |
             |____________|     |____________|

1. FW_DEV_EXT              'eth0'
2. FW_DEV_INT              'eth1'
3. FW_KERNEL_SECURITY      'yes'  (?)
4. FW_ALLOW_FW_TRACEROUTE  'yes'  (?)
5. FW_ROUTE                'yes'
6. FW_FORWARDING           '   '
7. FW_MASQUERADE           'yes'
8. FW_MASQ_DEV             '$FW_DEV_EXT'
9. FW_MASQ_NETS            '?????' (allow unrestricted access for gateway &
                                    client)
10 FW_SERVICE_DHCLIENT     'no'
11 FW_SERVICE_DHCP         'no'
12 FW_SERVICE_DNS          'no'
13 FW_SERVICE_SAMBA        'no'
14 FW_SERVICE_SQUID        'no'
15 FW_AUTOPROTECT_SERVICES 'yes'  (?)
16 FW_PROTECT_FROM_INTERNAL'yes'  (?)
17 FW_ACCEPT_ALL           'no'
18 FW_LOG_DROP_ALL         'no'
19 FW_LOG_ACCEPT_CRIT      'yes'
20 FW_LOG_DROP_CRIT        'yes'
21 FW_SERVICE_AUTODETECT   'yes'
22 FW_SERVICES_EXT_IP      '   '  (?)
23 FW_SWRVICES_EXT_TCP     '   '  (?)
24 FW_SERVICES-EXT_UDP     '   '  (?)
25 FW_SERVICES_INT_IP      '   '  (?)
26 FW_SERVICES_INT_TCP     '   '  (?)
27 FW_SERVICES_INT_UDP     '   '  (?)
28 START_FW2               'yes'

The ones I filled in without question marks I'm pretty sure about.  The
ones I filled in and had question marks next to I'm not so sure of!  The
rest I'm totaly unsure of!!!

Please help and thank you for all your feedback.

 
 
 

1. Trying to Get Firewall Going with SUSE 7.2 Pro

I'm trying to get the firewall up and running. Using SuSefirewall. I have
START_FW set to "yes" in /etc/rc.config but do I also need to set
"IP_FORWARD" to "yes" in the same file. Instructions don't say anthing about
this item. I'm not using masquerrading, since I have static IPs. However,
I'm using 192.168.1.1 as IP for eth1. Both cards are working OK and can the
internet(if IP is set). However I can't ping 192.168.1.1 from the internal
client. What do I enter for FW_SERVICES_INTERNAL_TCP, this is blank now.
Thank you
Gary

2. ANDREW need to setup fonts/edit style

3. SuSE Linux Firewall on CD

4. SCO UNIX & WordPerfect 5.1 & Spell Checker

5. Firewall (Suse 6.3) and Napster

6. SAMBa Slow

7. suse 7.0 firewall & proxy

8. Need help with NCSA 1.4.2 server

9. suse 6.2 linux and firewall / forwarding

10. Suse 6.3 firewall

11. Fwd: SuSe 8.0 Personal Firewall questions

12. E-mail client for Suse 8.2 and firewall

13. SuSE 6.4 +firewall??