From: Andreas (as1973_at_gmx.de)
Date: Wed Nov 13 2002 - 14:23:39 CST


    Hello together,

    I have a problem starting the SuSEFW2 (version 3.1).
    I use an ISDN dial-up connection with dynamic IP and DNS.
    On SuSE 7.2 it works well with the same config.

    During the configuration by YaST a dial-up connection starts and nothing
    happens for minutes.

    tcpdump says: (212.93.30.150 is my provider's DNS)

    ---
    einstein:/etc/sysconfig # tcpdump -i ippp0
    tcpdump: listening on ippp0
    19:35:08.753066 192.168.22.1.pcg-radar > 212.93.30.150.domain:  58988+ PTR? ippp0.einstein.genius. (39) (DF)
    19:35:13.763036 62.180.194.107.1037 > 212.93.30.150.domain:  58988+ PTR? ippp0.einstein.genius. (39) (DF)
    19:35:13.818713 212.93.30.150.domain > 62.180.194.107.1037:  58988 NXDomain 0/1/0 (114)
    19:35:13.818715 212.93.30.150.domain > 62.180.194.107.1037:  58988 NXDomain 0/1/0 (114)
    19:35:18.773127 62.180.194.107.1037 > 212.93.30.150.domain:  58989+ PTR? ippp0. (23) (DF)
    --- etc.
    

    One time the FW did start, but it blocks all DNS calls on port 53, and at every dial-up the FW takes ca. 2 minutes to get up.

    Here is my FW config:

    ---
    FW_QUICKMODE="no"
    FW_DEV_EXT="ippp0"
    FW_DEV_INT=""
    FW_DEV_DMZ=""
    FW_ROUTE="no"
    FW_MASQUERADE="no"
    FW_MASQ_DEV="$FW_DEV_EXT"
    FW_MASQ_NETS=""
    FW_PROTECT_FROM_INTERNAL="yes"
    FW_AUTOPROTECT_SERVICES="yes"
    FW_SERVICES_EXT_TCP=""
    FW_SERVICES_EXT_UDP=""
    FW_SERVICES_EXT_IP=""
    FW_SERVICES_DMZ_TCP=""
    FW_SERVICES_DMZ_UDP=""
    FW_SERVICES_DMZ_IP=""
    FW_SERVICES_INT_TCP=""
    FW_SERVICES_INT_UDP="domain"
    FW_SERVICES_INT_IP=""
    FW_SERVICES_QUICK_TCP=""
    FW_SERVICES_QUICK_UDP=""
    FW_SERVICES_QUICK_IP=""
    FW_TRUSTED_NETS=""
    FW_ALLOW_INCOMING_HIGHPORTS_TCP="no"
    FW_ALLOW_INCOMING_HIGHPORTS_UDP="domain ntp"
    FW_SERVICE_AUTODETECT="yes"
    FW_SERVICE_DNS="no"
    FW_SERVICE_DHCLIENT="no"
    FW_SERVICE_DHCPD="no"
    FW_SERVICE_SQUID="no"
    FW_SERVICE_SAMBA="no"
    FW_FORWARD=""
    FW_FORWARD_MASQ=""
    FW_REDIRECT=""
    FW_LOG_DROP_CRIT="yes"
    FW_LOG_DROP_ALL="yes"
    FW_LOG_ACCEPT_CRIT="no"
    FW_LOG_ACCEPT_ALL="no"
    FW_LOG="--log-level warning --log-tcp-options --log-ip-option --log-prefix SuSE-FW"
    FW_KERNEL_SECURITY="yes"
    FW_STOP_KEEP_ROUTING_STATE="yes"
    FW_ALLOW_PING_FW="yes"
    FW_ALLOW_PING_DMZ="no"
    FW_ALLOW_PING_EXT="no"
    FW_ALLOW_FW_TRACEROUTE="yes"
    FW_ALLOW_FW_SOURCEQUENCH="yes"
    FW_ALLOW_FW_BROADCAST="no"
    FW_IGNORE_FW_BROADCAST="yes"
    FW_ALLOW_CLASS_ROUTING="no"
    FW_CUSTOMRULES=""
    FW_REJECT="no"

    --

    Best Regards,
    Andreas
