Subject: [suse-security] firewals-2.1-5 (from 6.4), 1x dev-world, 2x dev-int
From: W.Schlich (wolframschlich.org)
Date: Tue Oct 03 2000 - 03:24:33 CDT


hello list!

I have installed firewals 2.1-5 on one of my machines. it has
two internal devices (eth0: 192.168.0.10, eth1: 192.168.1.10)
and one external (ippp0). both internal nets can connect to the
internet w/o problems, but connecting to each other seems to be
a problem, since there is no customizable ruleset in the firewall
config for that (routing, forwarding etc. between internal ifaces)

--snip--
Chain forward (policy DENY):
target     prot opt     source                destination           ports
fw_masq    all  ------  192.168.0.0/23        0.0.0.0/0             n/a
DENY       all  ----l-  0.0.0.0/0             0.0.0.0/0             n/a
--snip--

after executing
--snip--
ipchains -D forward 2
ipchains -A forward -s 192.168.0.0/23 -d 192.168.0.0/23 -j ACCEPT
--snip--
the machines on the two different nets can connect to each other.
the firewall is also a smb server, hence it tries to broadcast to
both nets, which unfortunately is also denied.

any idea to modify the SuSEfirewall script that it fits my needs?
I'm not that familiar with ipchains :(

thanx in advance.

Kind regards

| Wolfram Schlich
------------------------------------------------------------------
| E-Mail: wolframschlich.org * ICQ #: 35713642
| Postal: Berghof * 56626 Andernach * Germany
| Tel.: +49-(0)2636-941194
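
An added illustration, not part of the original message: a first-match model of the forward chain listed in the post, showing that 192.168.0.0/23 spans both internal nets and why rule 2 had to be deleted before the appended ACCEPT could take effect. The body of `fw_masq`, the host addresses and the outgoing-interface argument are assumptions; the listing in the post does not show them.

```python
import ipaddress

INTERNAL = ipaddress.ip_network("192.168.0.0/23")  # spans 192.168.0.x and 192.168.1.x
ANY = ipaddress.ip_network("0.0.0.0/0")

def fw_masq(out_if):
    # Assumed body of the user-defined chain (not shown in the post):
    # masquerade only what leaves via ippp0, otherwise fall through.
    return "MASQ" if out_if == "ippp0" else None

# Rules as (source, destination, target, log flag), in chain order.
BEFORE = [(INTERNAL, ANY, fw_masq, False), (ANY, ANY, "DENY", True)]
# ipchains -D forward 2
# ipchains -A forward -s 192.168.0.0/23 -d 192.168.0.0/23 -j ACCEPT
AFTER = [BEFORE[0], (INTERNAL, INTERNAL, "ACCEPT", False)]
# The same append without deleting rule 2 first.
APPEND_ONLY = BEFORE + [AFTER[1]]

def forward(chain, src, dst, out_if, policy="DENY"):
    """Return (verdict, logged): first matching rule wins, else chain policy."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule_src, rule_dst, target, log in chain:
        if s in rule_src and d in rule_dst:
            verdict = target(out_if) if callable(target) else target
            if verdict is not None:      # None: user chain fell through
                return verdict, log
    return policy, False                 # policy drops produce no log entry

if __name__ == "__main__":
    # Constructed sample packets: (source, destination, outgoing interface).
    lan_to_lan = ("192.168.0.20", "192.168.1.30", "eth1")
    lan_to_net = ("192.168.0.20", "198.51.100.7", "ippp0")
    net_to_lan = ("198.51.100.7", "192.168.1.30", "eth1")
    for name, chain in (("before", BEFORE), ("after", AFTER),
                        ("append only", APPEND_ONLY)):
        for pkt in (lan_to_lan, lan_to_net, net_to_lan):
            print(f"{name:12} {pkt[0]:>14} -> {pkt[1]:<14} {forward(chain, *pkt)}")
```

In this model rule 2 was the only entry carrying the log flag (`l` in the opt column), so packets that fall through to the chain policy after the change are still denied but no longer logged.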
