List: suse-security
Subject: [suse-security] SuSEfirewall2 Anti SPOOFING
From: Stephen Prendergast <stephen () sps ! co ! nz>
Date: 2004-02-24 5:07:10
Message-ID: 200402241807.15670.stephen () sps ! co ! nz
Guys
I've got myself a little confused over some issues I'm having on this and
despite reading Togan's primer don't seem to be winning.
ADSL router -10.10.99.1
   |            DHCP , DNS
   |
eth1 10.10.99.5
   |            ssh
   |
eth0 10.10.200.254
   |            squid, squidguard, internal http
   |
rest of Lan
SuSEfirewall2
FW_ALLOW_INCOMING_HIGHPORTS_TCP="no"
FW_ALLOW_INCOMING_HIGHPORTS_UDP="DNS domain"
Logs I get the following when the firewall has been started and the browsers
hang - squid trying for dns resolution I suspect
Feb 24 17:57:37 localhost kernel: SuSE-FW-DROP-ANTI-SPOOF IN=eth1 OUT=
MAC=00:80:ad:8e:f9:64:00:d0:41:0e:92:1f:08:00 SRC=10.10.99.1 DST=10.10.99.5
LEN=148 TOS=0x00 PREC=0x00 TTL=64 ID=51956 PROTO=UDP SPT=53 DPT=1052 LEN=128
Squid is set up to use the nameserver from resolv.conf as 10.10.99.1 as
provided by dhcp.
Does this indicate I should provide a local dns rather than pass through the
firewall?
Cheers, all help warmly appreciated.
--
Stephen Prendergast
SP Software Ltd
07 570 1452
021 466 247
--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@suse.com
Security-related bug reports go to security@suse.de, not here
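
One way to check the suspicion in the message, that the anti-spoof drops are DNS replies from the resolver named in resolv.conf (an added example, not part of the original post). The function names, the resolv.conf text and the second and third log lines are constructed; only the first log line comes from the message.

```python
import re

# Constructed resolv.conf content, matching what the message describes.
SAMPLE_RESOLV_CONF = "search example.invalid\nnameserver 10.10.99.1\n"

# First entry: the log line from the message, rejoined onto one line.
# Second and third entries: constructed for contrast.
SAMPLE_LOG = (
    "Feb 24 17:57:37 localhost kernel: SuSE-FW-DROP-ANTI-SPOOF IN=eth1 OUT= "
    "MAC=00:80:ad:8e:f9:64:00:d0:41:0e:92:1f:08:00 SRC=10.10.99.1 DST=10.10.99.5 "
    "LEN=148 TOS=0x00 PREC=0x00 TTL=64 ID=51956 PROTO=UDP SPT=53 DPT=1052 LEN=128\n"
    "Feb 24 17:58:02 localhost kernel: SuSE-FW-DROP-ANTI-SPOOF IN=eth1 OUT= "
    "SRC=10.10.200.7 DST=10.10.99.5 LEN=60 PROTO=TCP SPT=40112 DPT=22\n"
    "Feb 24 17:58:10 localhost kernel: EXAMPLE-OTHER-PREFIX IN=eth1 OUT= "
    "SRC=10.10.99.1 DST=10.10.99.5 LEN=76 PROTO=UDP SPT=53 DPT=1053\n"
)

FIELD_RE = re.compile(r"(\w+)=(\S*)")  # netfilter LOG fields; value may be empty (OUT=)

def parse_entry(line, prefix="SuSE-FW-DROP-ANTI-SPOOF"):
    """Return the KEY=VALUE fields of a log line carrying `prefix`, else None."""
    if prefix not in line:
        return None
    fields = {}
    for key, value in FIELD_RE.findall(line.split(prefix, 1)[1]):
        # LEN appears twice (IP length, then UDP length); keep the first.
        fields.setdefault(key, value)
    return fields

def nameservers(resolv_conf_text):
    """Extract the addresses on 'nameserver' lines of resolv.conf text."""
    found = []
    for line in resolv_conf_text.splitlines():
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            found.append(parts[1])
    return found

def dropped_dns_replies(log_text, resolvers):
    """List (in_iface, src, dst, dport) for dropped UDP packets sent from
    port 53 of a configured resolver, i.e. answers to this host's queries."""
    hits = []
    for line in log_text.splitlines():
        f = parse_entry(line)
        if (f and f.get("PROTO") == "UDP" and f.get("SPT") == "53"
                and f.get("SRC") in resolvers):
            hits.append((f["IN"], f["SRC"], f["DST"], int(f["DPT"])))
    return hits

if __name__ == "__main__":
    for hit in dropped_dns_replies(SAMPLE_LOG, nameservers(SAMPLE_RESOLV_CONF)):
        print("dropped DNS reply: in=%s src=%s dst=%s dport=%d" % hit)
```

Run against the real kernel log and /etc/resolv.conf, any hit means the firewall is discarding the resolver's answers before squid sees them.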