Re: Cipe and Firewalling by SuSE6.4|
Sven Schulthei▀ <schulti,AT,discus,DOT,wh,DOT,uni-stuttgart,DOT,de>|
Tue, 5 Dec 2000 19:59:45 +0100|
FW_DEV_WORLD="eth1 ..." where ... means your other devices that point
to the Internet.
FW_DEV_INT="cipcb0 ..." where ... means your other devices that point
to your internal networks or your other cipe devices
I think this will work but I didn't test it.
Manuela Guandalini wrote:
> I need help setting my firewall with the SuSEfirewall v.2.1.
> My peermachine works with SuSEfirewall v.1.4 and makes a good job. I
> just need to insert the peernet in the option FW_LOCALNETS and i can
> ping all over that net.
> This option won't give in v.2.1 any more so that i have to use other
> options in the new script.
> V.1.4 works fine with just
> FW_LOCALNETS="myinternalnet peerinternalnet"
> The new script (v2.1) works so:
> FW_DEV_WORLD="eth1 cipcb0..."
> Thanks this configuration i can ping any machine of the peerinternalnet
> from any machine of the myinternalnet.
> And from the peermachine (only the peer, not the whole peerinternalnet)
> i can ping my internal cipe machine, nothing else.
> How can i open the traffic from the peernet to all machines of
> I have ipchains 1.3.9, but since i always used this damn script, i
> really have no idea about building rules on my own.
> Has anybody already used cipe and SuSE >6.3? How did u configure your
> script and evtl. wrote extra ipchains-rules for cipe?
> Please don't tell me just to read the MINI-Howto-Masq+Cipe. I've already
> read it soooo many times, but won't get cleverer, because it has nothing
> to do with SuSEfirewall and even writing scripts like they gave as
> examples just won't work. I tried it already. SuSE support won't help
> either. They problably have no idea 'bout Linux at all. Anyway, they
> won't support questions about firewalling. I hope some of u already
> solved this problem an can help me.
> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> Other commands available with "help" in body to the same address.
> CIPE info and list archive: