Hi all!!

Sorry to step in here (without being asked -- hehe!)

IMHO we miss the point ?-(

ALL answers are correct [more or less -- no flames!], but doesn't answer
his question!

Florian Pressler wrote:

> Hi!
>
> In RFC1918, I found this:
>
> The Internet Assigned Numbers Authority (IANA) has reserved the
> following three blocks of the IP address space for private internets.
> 10.0.0.0 - 10.255.255.255 (10/8 prefix)
> 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
> 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
>
> I decides to assign the following IPs to the hosts in my LAN:
> 172.20.30.40/29, i.e 172.20.30.41 - 172.20.30.46.

IMHO good (/acceptable) decision ;-)

> When I start SuSEfirewall2, there appears an errormessage:
> The network 172.20.30.40/29 you want to masquerade is not from a
> private network. Change this!
>
> Is this an error of SuSEfirwall2, or do I misunderstand something
> completely?

If I read Florian's posting right, it's not the question if/if not take
these address and/or if it's 'free address space' nor it's a CIDR/other routing problem!
(Maybe I'm wrong!?!)

Said this, for me the question/answer is quite interesting:
    --> WHY does SuSEfirewall2 assume, that THIS ADDRESS isn't from a private network???

My apologies for I didn't use SuSEfirewall2 at the moment, maybe Florian has to give
more informations, maybe the answer could only be given by the 'firewall-gurus' or the
author of the script -- but I'm really wondering why this errormessage appears!

Any explanation _greatly_ appreciated!

--
best greetings from
 Solingen /GERMANY
   Dieter Hürten
-- 
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]