'Re: [opensuse-security] Errors when starting the firewall.'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       suse-security
Subject:    Re: [opensuse-security] Errors when starting the firewall.
From:       "Carlos E. R." <robin.listas () telefonica ! net>
Date:       2007-11-11 19:46:27
Message-ID: alpine.LSU.0.9999.0711112038380.1008 () nimrodel ! valinor
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


The Sunday 2007-11-11 at 12:56 +0100, Jan Ritzerfeld wrote:

>> iptables v1.3.8: host/network `Default:' not found
>> Try `iptables -h' or 'iptables --help' for more information.
>> SuSEfirewall2: Firewall rules successfully set
>>
>>
>> This system was upgraded from 10.2 to 10.3 recently, and the firewall
>> rules are exactly the same I had in 10.2.
>>
>> It is complaining of "host/network `##' not found", but it doesn't say
>> which file contains that.
>
> DÃ©jÃ  vu? http://lists.opensuse.org/opensuse-security/2006-07/msg00095.html


You are absolutely right!


FW_TRUSTED_NETS="192.168.1.11,tcp,ftp 192.168.1.11,tcp,ftp-data \

## Type:        string
## Default:
192.168.1.11,tcp,ssh        \
         192.168.1.1,udp,tftp        \
         192.168.1.2,tcp,microsoft-ds    192.168.1.2,tcp,netbios-ssn     \
         192.168.1.2,udp,netbios-dgm     192.168.1.2,udp,netbios-ns      \
         192.168.1.33,tcp,http       \
         192.168.1.33,tcp,ssh        \
         192.168.1.33,tcp,ftp        \
         192.168.1.33,tcp,ftp-data"

And the comment inside has been added by YAST. I'm filling a bugzilla this 
time, I have the backup file to compare the original file and so I can 
prove the upgrade was the culprit:

FW_TRUSTED_NETS="192.168.1.11,tcp,ftp 192.168.1.11,tcp,ftp-data \
         192.168.1.11,tcp,ssh        \
         192.168.1.1,udp,tftp        \
         192.168.1.2,tcp,microsoft-ds    192.168.1.2,tcp,netbios-ssn     \
         192.168.1.2,udp,netbios-dgm     192.168.1.2,udp,netbios-ns      \
         192.168.1.33,tcp,http       \
         192.168.1.33,tcp,ssh        \
         192.168.1.33,tcp,ftp        \
         192.168.1.33,tcp,ftp-data"


I removed those three offending lines and it works fine again. Thanks!

- -- 
Cheers,
        Carlos E. R.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4-svn0 (GNU/Linux)
Comment: Made with pgp4pine 1.76

iD8DBQFHN1watTMYHG2NR9URAmobAJwP1i76PdwTnrL1yAeaeiYxbtsJjwCgjDUq
Alph6M5fjLmG9GUpeyo5sq8=
=akb1
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security+help@opensuse.org


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic