|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Peter Menzel (Peter.Menzel
com-gmbh.de)Date: Tue Sep 04 2001 - 12:57:59 CDT
Hello,
I successfully installed SuSEfirewall2 and configured it to my needs. The
firewall box is set up with two external interfaces (ippp0 and eth1). eth1
is normally connected to an ELSA DSL router and in case DSL will not work I
want to switch back to ISDN. So far I've set up ISDN and that stuff, the box
is doing everything fine. Clients can do http, https, ftp, mail and so on.
Portscans run from the internet report all ports as stealth and the firewall
cannot be pinged from the internet.
But when it comes to a ping from the internal network to the internet,
nothing works. I've tried all the FW_ALLOW_PING_[FW|DMZ|EXT] settings, with
no results. Interesting: when I set FW_FORWARD_PING_DMZ="yes" I am able to
ping the internet from the firewall, but not from the clients. More
interesting: I have not configured a DMZ (yet).
What I would like to do is to ping the internet from the clients and get the
echo-reply back. echo-requests from the internet have to be dropped at the
firewall.
Has anyone experienced these problems? Any help would be appreciated.
Thanks in advance, Peter
peter.menzelcom-gmbh.de
-- To unsubscribe, e-mail: suse-security-unsubscribe
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]