Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Dieter Huerten (dieter.huertentelebel.de)
Date: Mon Aug 27 2001 - 17:00:42 CDT
Sorry to step in here (without being asked -- hehe!)
IMHO we miss the point ?-(
ALL answers are correct [more or less -- no flames!], but doesn't answer
Florian Pressler wrote:
> In RFC1918, I found this:
> The Internet Assigned Numbers Authority (IANA) has reserved the
> following three blocks of the IP address space for private internets.
> 10.0.0.0 - 10.255.255.255 (10/8 prefix)
> 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
> 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
> I decides to assign the following IPs to the hosts in my LAN:
> 172.20.30.40/29, i.e 172.20.30.41 - 172.20.30.46.
IMHO good (/acceptable) decision ;-)
> When I start SuSEfirewall2, there appears an errormessage:
> The network 172.20.30.40/29 you want to masquerade is not from a
> private network. Change this!
> Is this an error of SuSEfirwall2, or do I misunderstand something
If I read Florian's posting right, it's not the question if/if not take
these address and/or if it's 'free address space' nor it's a CIDR/other routing problem!
(Maybe I'm wrong!?!)
Said this, for me the question/answer is quite interesting:
--> WHY does SuSEfirewall2 assume, that THIS ADDRESS isn't from a private network???
My apologies for I didn't use SuSEfirewall2 at the moment, maybe Florian has to give
more informations, maybe the answer could only be given by the 'firewall-gurus' or the
author of the script -- but I'm really wondering why this errormessage appears!
Any explanation _greatly_ appreciated!
-- best greetings from Solingen /GERMANY
-- To unsubscribe, e-mail: suse-security-unsubscribesuse.com For additional commands, e-mail: suse-security-helpsuse.com