[prev in list] [next in list] [prev in thread] [next in thread]
List: suse-security
Subject: SuSEfirewall2 upgrade problem
From: Philip Warner <pjw () rhyme ! com ! au>
Date: 2001-04-27 16:58:46
[Download RAW message or body]
I have a firwall machine that is also my name server, connected to the
internet by semi-permanent PPP links. I have fixed addresses for each end
of the PPP link (defined by the ISP), and my own C-class address space for
the network:
{World}---ISP_ADDR_1:ppp:ISP_ADDR_2---My_Machine(DNS)---MY_ADDR:eth0:---masq
network
(I hope that makes sense). The masqueraded network is in the same C-class
address space as MY_ADDR.
This works fine with SuSEfirewall 4.x, but when I try to use SuSEfirewall2,
packets sent from the ourside world to my server at MY_ADDR get dropped.
The tables seem require that all INPUT traffic be addressed to ISP_ADDR_2.
Is there any simple way to allow the server address to be treated in the
same way as the ppp link address? ie. allow telnet/www/smtp connections to
www.MY_HOST_NAME.com, where www.MY_HOST_NAME.com resolves to MY_ADDR?
----------------------------------------------------------------
Philip Warner | __---_____
Albatross Consulting Pty. Ltd. |----/ - \
(A.B.N. 75 008 659 498) | /(@) ______---_
Tel: (+61) 0500 83 82 81 | _________ \
Fax: (+61) 0500 83 82 82 | ___________ |
Http://www.rhyme.com.au | / \|
| --________--
PGP key available upon request, | /
and from pgp5.ai.mit.edu:11371 |/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic