Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: [suse-security] Cipe starts before firewalldaemon on SuSe-Live CD
From: Alex (xander.rtin.it)
Date: Thu Sep 11 2003 - 05:38:53 CDT
On Thu, 2003-09-11 at 11:58, Jan Frederik Pielhau wrote:
> Hi there.
> We've got a SuSe Linux Firewall on CD 2 and use CIPE to connect a branch office.
> Because the remote network is on a dialup-line, we use the cipe's ip-up script to
> insert some iptables rules for the network connection between the LANs.
Why do you put the iptables rules in the cipe script? You have to create
a cipe chain in the firewall script; with fas GUI is very simple: go to
IP-Filter and NAT menu, choose Expert Configuration and New Chain in IP
Filter Menu, add your rules there.
For example you could create 2 chains: one that accepts the key from
your peer and another that forwards the traffic between the 2 lans
trough the cipe interface; the first will be added in the INPUT chain
and the second in the FORWARD chain.
Don't forget to start cipe deamon by hand on the floppy in
Anyway I suggest you to join the suse-fwoncd list:
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here