In the firewall, I opened port 5900 for TCP traffic. Now the console is displaying packet information whenever a connection is made. Why does it send a message to stdout/stderr for an allowed connection? How can I stop it? Logging level is set to critical only, and not-accepted packets should only be logged for the internal and DMZ zones.
View 1 Replies
I suspect this is an initial configuration bug. All firewall logs seem to be going to all
three files. That causes a lot of clutter in the log files, and makes it difficult to see whether there are any serious problems being logged.
I have been running Senmail on SuSE 11.1 for the last few years with no problems.Since installing SuSE 11.3 a few months ago I have been having problems getting Sendmail to send to some (only a few) servers.If I disable the firewall # SuSEFirewall2 stop.I can send successfully using # sendmail -v -q, or # sendmail -v -qIxxxxx.When I re-enable the firewall I will start to get the timeouts/temporarily unavailable messages again (but as mentioned above, only for some servers) even though I can successfully telnet these servers when the firewall is on. When I disable the firewall the delayed messages can again be sent.Has anybody any ideas what I need to change (presumably in the Firewall) to get things working correctly? 'SMTP with sendmail' is already selected under 'Services to Allow' under YaST Firewall->Allowed Services..
View 4 Replies View RelatedI'm running OpenSUSE 11.4. The problem is that I can set easily what to log (for firewall), but not where to log. And currently the same logs are written to /var/log/firewall and /var/log/messages. I still want messages be written into the first one, but not the second one — it is redundant and it is polluting regular system logs.So how to stop the firewall from writting logs to /var/log/messages?
View 5 Replies View RelatedI have properly configured my router to open a port for Transmission and Vuze. The OpenSuSE firewall settings are somewhat confusing, however. How do I add a port specifically for the BT protocol? I know it's the firewall causing issues, because when I shut it down, my BT apps roar to life, and die with a whimper when I turn it back on. In Ubuntu, opening a port in the router is automatically configured in the firewall; that is apparently not the case with this distro.
So, when I go to Yast Firewall, I see "allowed services" under the tabs available. When I hit that tab, I see a dropdown menu that contains services such as NetBios Server and Samba Server. Am I choosing one of those available and adding a port to it? Am I adding a custom service via the Advanced settings, and if so, why isn't there a way to label the service so that it shows up under allowed services?
I used to have Opensuse 11.0 and Vuze 4.0.2 and both were working great. Recently I upgraded to OpenSuse 11.3 and installed Vuze 4.5.10. I did not change any configuration in the ADSL router but now I could not get the smiley icon to go green. I followed all the steps given here: A Quick Bittorrent Guide (with screenshots). It doesn't work. so I modified FW_ROUTE and FW_MASQUERADE to yes in /etc/sysconfig/SuSefirewall2. That also does not work. What did I miss here? My ADSL router is DSL-2640T.
View 3 Replies View RelatedWhile reading some papers on securing apache with selinux, I have tried to bind httpd to port 3000 expecting to be blocked by the selinux, since port tcp 3000 isn't on the http_port_t list. However I was able to start the service...
I'm preety sure selinux is enforcing. Also, if I bind httpd to tcp 81 selinux denies the start of the service, as expected!Did I miss something? Why is httpd allowed to start binded to a port that's not explicitly allowed?
i am using centos 5.4 (5.5?) gnome on multiple machines in a local network.is there a program available that does the following:you type a message in a 'note'screen on one computer and can send it to one (to choose) or all machines in the local network that are online, so you can read the message on these other machines screens.
View 6 Replies View RelatedI am trying to install ubuntu on my windows 7 OS using the wubi installer. The installer is trying to download amd.iso.torrent, but I guess it should be downloading i386.iso.torrent. At, the same time I am getting permission denied even though I allowed access from my firewall.
View 2 Replies View RelatedI would like to be able to monitor which programs are allowed to access the internet, but a search for programs to do this has turned up nothing. Preferably, I would like a notification to come up every time an application uses the internet. Is there any (n00b friendly) software available to do that?
View 2 Replies View RelatedIf I forward port 80 to port 3128 for squid with an iptable rule, does port 3128 have to be open on the firewall or is this all routed behind the firewall?
View 4 Replies View RelatedIn SuSE firewall0. I do have a openSuse 11.4 and multiple IP addresses on eth0 interface
I run (trying to/have to) multiple TOMCAT servers.
I am trying to have each tomcat instance listen to on separate IP address for example:
What i am trying to do is to redirect
a) tomcat 1 -
a) tomcat 2 -
And so on.
I know that it has to be possible.
I do have just eth0/
Is is it possible. Do I have to create "vittual interfaces"? eth0:1, .......... and do redirection ?
"Server" has got just single interface - just 1 ethernet calbe goes to that server. I am planning to have 10-15 tomcat's on that server (I have to unfortunatley) and each has to run on port 80
Is it possible to "grant" permissions to normal users to run app on port 80 - that would solve me lots of problems if impossible to redirect.
I tried to setcap 'cap_net_bind_service=+ep' /path/to/tomcat ...... but no luck
I had just got Arch up and running a couple weeks back, and I was following a random user's guide (previous Ubuntu user and newb to Linux in general)-- I think it may have been a mistake. When I was configuring my iptables/ufw, I'd added a rule to iptables allowing ssh to be used from anywhere (I think so anyhow); it came up as something along the lines of 'ALLOW: IN : ANYWHERE: ssh 22' in red font on gufw.
This had been open for about a few days, and I didn't realize the security risk until I learned what ssh is. So is it likely that my system is compromised and needs a full hard drive wipe? hosts.deny remained in its default state, so wouldn't that override the iptables configuration or no? Could my router have kept any potential threats out like it has before despite the rule?
I'm using a local proxy server VPN'd to another network.
How do I setup either Firestarter or Gufw/ufw to ONLY allow in/out from ONE port? (The one port the proxy uses)
Ex: Firefox is proxied to 127.0.0.1, all ports, and then the proxy picks it up, and sends out on port xxxx, and recieves on port xxxx, then sends back thru 127.0.0.1, back to Firefox.
Any setting/rules I've treid on either Firestarter or Gufw kills the proxy>VPN (Proxy won't connect to remote network)
Addendum: If I start the proxy FIRST, then the firewall, all is good. I'm thinking the proxy uses a port to connect with remote network first, then switches to my configured xxxx port...hmmm
I want to check if a port is allowed in iptables. How to do this?
View 5 Replies View RelatedI want some advice for making my system more secure. I want deactivate any network connection that is unnecessary. Only my browser and the update ability of zypper should have access to the internet. On windows there are personal firewalls.
How can I block internetaccess for all other programmes on openSUSE?
I have a laptop (running Fedora 10 KDE version) and a desktop (running Ubuntu 7.10) on my home network. Is there any way to send messages from one computer to another through LAN ?
View 5 Replies View RelatedSamba is working correctly if Susefirewall2 is off. I have added Samba client and Samba Services for extern access but samba is not working when firewall is now on. Which services should I also add ?
View 1 Replies View RelatedI have two accnts in Thunderbird 3.1.10 in Lucid 64bit - gmail and itt-tech.edu (smtp.live.com). I removed apparmor because of the bug not allowing the file system to be mounted. I can send via gmail, not smtp.live.com. Smtp settings are correct. Any security package setting that might be hindering this mail send action?I have UFW installed.
View 1 Replies View RelatedI am doing a university course and am struggling to find a method of sending 1 message down route A and then the next message to the same destination via route B, alternating between the two with each new message sent.I am going to use a Linux computer with two Ethernet cards connected to two different networks via a routers and then to the destination host via a switch.
View 4 Replies View RelatedI have around 6 email accounts for business & private use that I retrieve and send via pop/smtp with Kmail (Version 1.11.4). But it seems that all my outgoing mail is only sent via one account (say first@gmail.com) even if I select another account for the outgoing I.D field and FROM field. When I look in the sent folder the headers shows the correct sent from account but my recipients headers show they were all sent from first@gmail.com! Ebay keeps bouncing my emails back too as a result saying the email is not registered. It used to work just fine so not sure what is happening. I have tried reinstalling Kmail/kdepim-4.2.4-x86_64-1.txz deleted all the accounts and recreated them but the problem persists.
View 4 Replies View RelatedI have OpenSuse 64bit running a web site. I have a form on this site here:- Dynamic Systems Group The script itself works and I have tested it on another hosted server and it works fine. However on my server the email the script sends never arrives, which must be a problem with my Postfix settings I guess. However I also have two pages on my site for testing sending of mail, which BOTH report a postive result:-
[URL]
However even though these pages report successful send the mail stil never arrives. I have looked at many pages and forums on the internet and I am really, really confused as to how to set up Postfix. On the Suse box I have the Mail Server configured in Yast to send mail via my Gmail.com account using TLS and authentication but still no success!
Can I make my messages directly appear at client from server? Normally we type
tailf /var/log/messages
to see messages sent by other machine. So can I send my messages directly at command prompt?
I have been finding a lot of "You are Not allowed to connect" messages in my maillog file.
and the email addresses are not in my forum database. I've check my server for rootkits and there are none installed and I've also used mxtoolbox to test my server as an open relay and it says it's not an open relay. however I am seeing bounces that show 'relay' and I wonder exactly what I'm looking at and and asking for some help in identifying the nature of these emails. here's a few examples and they seem to come in 'spurts" when I'm tailing the maillog file. there's never anything waiting in the queue to be delivered.
Jun 9 15:12:29 mysite postfix/smtp[13642]: 51EA914B90DE: to=<jake@jvanderlaan.110mb.com>, relay=none, delay=172540, delays=172538/0.98/0.32/0, dsn=4.4.1, status=deferred (connect to jvanderlaan.110mb.com[64.191.15.246]: Connection refused)
Jun 9 15:12:29 mysite postfix/smtp[13610]: 9D84914B8186: to=<jake@jvanderlaan.110mb.com>, relay=none, delay=56434, delays=56433/1/0.28/0, dsn=4.4.1, status=deferred (connect to jvanderlaan.110mb.com[64.191.15.246]: Connection refused)
Jun 9 15:12:29 mysite postfix/smtp[13613]: 70ECC14B812A: host
[Code]...
Does anyone know how to configure msmtp to sed mails via gmail?
In mandriva it is done by modifying a file :
etc/msmtprc.conf
where you state your gmail account details.
Currently if I try to sent an email with my recently installed msmtp, I get the following message:
msmtp: account default not found: no configuration file available
I have a LAMP server and need a web page to send email messages. I could do it with my Win 2k server through my cable service but can't seem to get it to work here.
View 9 Replies View RelatedI am trying to add a custom allow rule in the firewall for a range of IPs from 74.201.102.0 - 74.201.103.255, what exactly am I supposed to enter in the source box? I believe I have to add two separate rules for 102 and 103, and I put /24 at the end of both, is this correct to get the whole range of IPs?
View 3 Replies View Related1. Under openSUSE 11.2, I allowed printer sharing through CUPS by setting the Firewall to Allow Services of CUPS in the External Zone section. I don't see the CUPS option in the Allow Services of the Firewall under 11.4, any zone. Is my system missing something?2. If I turn off the Firewall, the client computer can see the printers, even get the broadcasted names. If I put port 631 in TCP of the Advanced setting of the External Zone, the client computer can see the printer too, but I know I read somewhere that putting 631 in the External Zone is basically allowing printer requests from the entire internet.
View 2 Replies View Relatedwe have a problem with dhcpcd at boot time on any openSUSE version from 11.0 to 11.3. It seems that a number of workstations never send out DHCPDISCOVER or DHCPREQUEST at boot time, we have verified this with packet dumps. The dhcp client progress bar is displayed on the console but eventually times out, goes into background and the system continues booting.This is a problem because the timeout takes a long time and users have to wait. Sometimes the display manager is even started but users cannot using LDAP authentication. Eventually these systems just continue to use their old lease and networking works.Curiously, when we do a network restart after boot, the clients send DHCPDISCOVER/-REQUEST normally, we only have this problem at boot time.
On the server side we're using ISC dhcpcd-1.3.22pl4-223.13 on SLES 10 SP2. I have read about others who had the same problem, they switched from dhcpcd to dhclient. I have also tried this, but for us dhclient is not an option for a number of other reasons. Another thing I have tried is setting DHCLIENT_SLEEP ("Some interfaces need time to initialize. Add the latency time in seconds")o two minutes to give the interface time to initialize.nfortunately this didn't change anything.
I've got a strange sendmail problem I've never come across before...Messages less that 2500 lines (approx 169kb) are sent correctly - anything else goes straight into the queue and is never delivered. The server sits in a intranet, is not connected to the outside world, and forwards its mail to a smart host.All configuration has been done through yast, so there are no unusual settings. I've run sendmail on SuSE from version 6 upwards, and this is the first time I've come across this - it's driving me potty
View 4 Replies View Related
