OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
[suse-security] Antwort: Re: [suse-security] SFW2-IN-ILL-TARGET [Hugo Boss: Virus checked]

From: Michael Hoeller (Michael_Hoellerhugoboss.com)
Date: Thu Jul 14 2005 - 10:41:26 CDT

Hello Ludwig,

thanks for the answer, so if the config is correct and I do set up the fw
when I start the interface. What might be the reason for the ILL TARGET
????
Do you agree with Arimin suggestion which I find helpfull to try different
subnets?

Michael

H U G O B O S S
Ludwig Nussel <ludwig.nusselsuse.de>
14.07.2005 14:10

An
suse-securitysuse.com
Kopie

Thema
Re: [suse-security] SFW2-IN-ILL-TARGET [Hugo Boss: Virus checked]

Michael Hoeller wrote:
> I am a little bit confused by the answers, can I try to summarize?
> I still get rejected ..
>
> I dial in from 192.168.55.100 to 192.168.55.200 the interface ippp0 is
> used
> the IP Adresses are fix.
>
> I can actually dial in and I do get the IP Adresses, the connection
stays
> up.
>
> But as soon as I try to log in via ssh user192.168.55.100 I get the
> ILL_TARGET
> Message from the firewall:
>
> Jul 9 21:34:22 omicron kernel: SFW2-IN-ILL-TARGET IN=ippp0 OUT=
> SRC=192.168.55.200 DST=192.168.55.100 LEN=6
> 0 TOS=0x00 PREC=0x00 TTL=64 ID=48935 DF PROTO=TCP SPT=1032 DPT=22
> WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B404
> 02080A01E052360000000001030302)
>
> Here are my DEV variables:
> FW_DEV_EXT="ippp1 ippp1 ippp1"
> FW_DEV_INT="eth-id-00:e0:81:20:30:04 ippp0"
> FW_DEV_DMZ=""

The config is ok. SuSEfirewall2 does not set up rules for interfaces
that don't exist so you need to run SuSEfirewall2 when the interface
is up. That is supposed to happen automatically if you checked the
Firewall checkbox in YaST. Alternatively verify manually that
FIREWALL=yes in the config files as already mentioned in a previous
mail.
 
> I don't know why SuSE passed ippp1 3 times to the variable but
> since I am not an expert I have not touched it..

One is sufficient.

cu
Ludwig

--
 (o_ Ludwig Nussel
 //\ SUSE LINUX Products GmbH, Development
 V_/_ http://www.suse.de/

--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here

This e-mail (and/or attachments) is confidential and may be privileged. Use or disclosure of it by anyone other than a designated addressee is unauthorized.
If you are not an intended recipient, please delete this e-mail from the computer on which you received it. We thank you for notifying us immediately.