OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: tux the turtle (tu.th.tugmx.net)
Date: Thu May 09 2002 - 17:10:04 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Hi out there;
    setting up (once more) my SuSE 7.3 I got the following on boot up:

    Starting Firewall Initialization: (phase 3 of 3) iptables v1.2.2: Can't use
    -D with -A
    Try `iptables -h' or 'iptables --help' for more information.
    iptables v1.2.2: Can't use -D with -A

    I run a small private net as shown below:
        ISP <-> Desktop/Firewall <-> Laptop/Firewall

    The message above is from the Desktop-PC; my firewall2.rc.config contains
    these:

    FW_DEV_EXT="ippp0"
    FW_DEV_INT="eth0"
    FW_DEV_DMZ=""
    FW_ROUTE="yes"
    FW_MASQUERADE="yes"
    FW_MASQ_DEV="$FW_DEV_EXT"
    FW_MASQ_NETS="192.168.0.0/24"
    FW_PROTECT_FROM_INTERNAL="no"
    FW_AUTOPROTECT_SERVICES="yes"
    FW_SERVICES_EXT_TCP="smtp domain"
    FW_SERVICES_EXT_UDP="domain"
    FW_SERVICES_EXT_IP=""
    FW_SERVICES_DMZ_TCP=""
    FW_SERVICES_DMZ_UDP=""
    FW_SERVICES_DMZ_IP=""
    FW_SERVICES_INT_TCP="ssh smtp domain"
    FW_SERVICES_INT_UDP="domain syslog"
    FW_SERVICES_INT_IP=""
    FW_TRUSTED_NETS="192.168.0.0/24"
    FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes"
    FW_ALLOW_INCOMING_HIGHPORTS_UDP="domain"
    FW_SERVICE_AUTODETECT="no"
    FW_SERVICE_DNS="no"
    FW_SERVICE_DHCLIENT="no"
    FW_SERVICE_DHCPD="no"
    FW_SERVICE_SQUID="no"
    FW_SERVICE_SAMBA="no"
    FW_FORWARD=""
    FW_FORWARD_MASQ=""
    FW_REDIRECT=""
    FW_LOG_DROP_CRIT="yes"
    FW_LOG_DROP_ALL="no"
    FW_LOG_ACCEPT_CRIT="yes"
    FW_LOG_ACCEPT_ALL="no"
    FW_LOG="--log-level warning --log-tcp-options --log-ip-option --log-prefix
    Firewall "
    FW_KERNEL_SECURITY="yes"
    FW_STOP_KEEP_ROUTING_STATE="yes"
    FW_ALLOW_PING_FW="yes"
    FW_ALLOW_PING_DMZ="no"
    FW_ALLOW_PING_EXT="no"

    all other unchanged

    Any hint?

    Besides that (and OT): i run smpppd. If it's the smpppd that disconnects my
    ippp0 (capi-drv from Fritz!) the machine hangs while shuting down because of
    an ippp0 usagecount != 0 (message from kernel: unregister_netdevice). Any
    hints of setting a timeout or forcing unregistering?

    Thanks in advance...
            Tux the turtle 

    -- 
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here