OpenSUSE Network :: How To Configure YaST Firewall
Mar 5, 2011
I'm looking forward to the release of openSUSE 11.4, which I'm looking to install as an Internet facing gateway on a mini-ITX machine with 2 Ethernet cards. As such I've been reading up on the YaST Firewall trying to find out to configure it, and there's one thing I'd like to be able to do: 'stealth' all the firewall ports.
In other words, if someone were to hypothetically do a port scan of my external IP address, I would rather they not know whether any of the ports on my gateway are open or closed, so instead of replying with the status of those ports the packets get dropped. I've been able to do this with a product called Astaro Security Gateway, which I currently have installed on a second hand Dell Optiplex machine, but I am now looking into the possibility of installing this as a virtual machine inside an openSUSE 11.4 host (extra level of security) and would like the same functionality for the host OS.
View 9 Replies
ADVERTISEMENT
May 1, 2010
This morning I was configuring a DNS server through Yast at home, I've done it once before (in another wireless lan)and it works perfectly. But this morning, after I clicked "start dns server now", everything freezed, and caps lock light on keyboard kept flashing. I rebooted laptop,it couldn't boot into run level-5 and there were few "skipped" items and "failed" items displayed.... Sorry I'm new to linux so I re-installed it this afternoon, and kept /home partition, formatted / partition.
Everything seems to be fine after re-installation, again I tried configuring a DNS server and clicked "start dns server now", but the same problem appeared, caps lock light kept flashing and I rebooted the laptop but fortunately this time it didn't fail on any items when booting
In Yast-Network Settings, I choose "use controlled with network manager", and I can connect to wireless router and browsing web, but there are no any interfaces shown in Yast-Firewall, and this time, after I clicked "start dns server now", nothing happens, dns server just won't start...
View 7 Replies
View Related
Feb 1, 2010
Im new in this world of linux and suse. I have just installed the opensuse 11.2 in a Dell Inspiron 5160. Such laptop has a BCM4306 Wireless LAN controller. When I tried to configure a wlan connection, I found that the firmware was not installed. After looking in different forums, I installed the firmware b43. Now, my wlan card is abled to find the wireless of my router.
I have tried to configure a connection with YAST as well as with Network Manager, but both cases failled. Specifically, when I use Network manager, Im able to see in the applet my connection, how strong is the signal, but I see a yellow symbol (in one forum, such a box is shown with a green symbol).
I have check many time all about the secutity, encryption, and so one and all seems to be correct. But when I open the mozila firefox or the konqueror browser, no chance to surffer in internet. Now Im just a step to become crazy. The drivers are ok, the information about the router and the keys are ok, but in such a way, I am still harmloss.
View 1 Replies
View Related
Mar 14, 2009
I work with a proxy serverWhen i try to update my system i am not being allowed access. it tells me that i am denied access. what can i do?
View 7 Replies
View Related
May 9, 2009
I am new to using OpenLDAP on OpenSUSE with the yast configure tool. I have used Openldap on Fedora before and there was a slapd.conf file that I could modify. It appears that the yast does something different. Anyway I need to find out what the rootdn password is, but I cannot find it since there is no slapd.conf file.
View 2 Replies
View Related
Aug 6, 2010
Probably because I don't know what to put in some of the fields.So; all I want to do is to run my own e-mail server for my business. The network is set up, the web server is running, but I'm having no end of trouble with YAST and the e-mail server.I have a single server running open suse 11.3 32 bit. It is attached to a modem/router. I have a static IP address for my registered domain. The server has a static IP address (192.168.1.8 in this case). My server is NOT running either a DHCP server nor a DNS server - there is no need, since there is nothing else on this box. It has only one network connection - eth0.
I'm trying to set up an e-mail server. I have been unable to get an 'advanced' implementation to work because all attempts to create a suitable server certificate fail. So for now I'll stick with a 'standard' set up.I don't know what I should put in such fields as 'outgoing mail server' (I've assumed I should use the FQDN of my server);I've no idea what 'masquerading' is for or what I should do with it;I don't know what I'm supposed to put in the 'outgoing mail server' in the 'authentication' section;I don't know what to put in the 'downloading' section;and I don't know what 'accept remote SMTP connections' does.I can get the server to start, but any attempt to retrieve e-mail from it ends in an authorisation failure - the syslog shows a sign-on attempt from my 'real' IP address and some form of numeric userid which cannot be found.So, if anyone can tell me what to put in YAST to make it work, I'd be a very happy chap.
Yes, I can telnet to 'my.server.my.domain' 25, so something must be right. But my Linux knowledge is not enough to get it working properly.
View 9 Replies
View Related
May 15, 2010
I use openSUSE 11.1 and my YAST can't connect Internet: How to configure my YAST Internet configuration through proxy server in order to download and install the programs (for example dwnld and install WML from [URL])
View 9 Replies
View Related
Jan 1, 2011
I've got my server mostly configured with Samba file shares - I can access from Linux and OSX computers. I've enabled Samba Clietn and Sambar server in the openSUSE firewall settings (on the server), but Windows 7 can't seem to connect. I've been trying to tweak registry keys in Windows and such, but had no luck. However, when I turned off the firewall on the server, I was instantly able to connect. Is there some other service or port I need to open for Windows 7?
View 4 Replies
View Related
Nov 16, 2010
I've searched a lot across the web and this forum in particular, but wasn't able to find the solution. The settings of the firewall are too cryptic to me. When the firewall is turned off everything is OK, but it is uncomfortable to turn it on and off every time I watch IPTV.
View 8 Replies
View Related
Apr 20, 2010
I have a work desktop plugged into the work network. As I opened my firewall settings I noticed that it is turned off. My question is how should I configure it? I saw that the interface isn't assigned to any zone... I should assign to internal zone and open some port that I need in order to work? There are some guidelines for configuring the firewall?
View 2 Replies
View Related
May 31, 2011
I have a server machine that is running SUSE Linux Enterprise Server 11. I set up a mysql server there. Now I want to access this mysql server from my laptop. I used the following command,
> mysql -h 12.246.5.70 -u davidehs -p
I found if the firewall on the server machine is running, I can not connect the mysql server from my laptop. If I stop the firewall first, and the do the connection, I can access the mysql. how to keep the firewall running and allow the remote mysql incoming requests?
View 4 Replies
View Related
Jan 28, 2011
I have a server machine that is running SUSE Linux Enterprise Server 11. I set up a mysql server there. Now I want to access this mysql server from my laptop. I used the following command,
> mysql -h 12.246.5.70 -u davidehs -p
I found if the firewall on the server machine is running, I can not connect the mysql server from my laptop. If I stop the firewall first, and the do the connection, I can access the mysql. Do you guys have any idea how to keep the firewall running and allow the remote mysql incoming requests?
View 11 Replies
View Related
Jun 24, 2011
I am trying to configure a wireless connection from YAST under the Network Settings tool.It doesn't seem to do anything. My USB wifi device is detected in YAST > Hardware and I am using the module it says Hardware is using. It doesn't seem to save the module under YAST> Network Settings> Network Card Setup. Is this tool broken or useless? It seems setting up WiFi should be easier than this. YAST should work shouldn't it?
View 9 Replies
View Related
Jan 23, 2011
how to open firewall ports without using yast. The reason I'm asking is because I'm working on a .sh script for the installation of a couple of programs. Some ports need to be open for the programs to work, I find it really annoying to go to yast and type the ports manually every time. I've looked at /etc/sysconfig/SuSEfirewall2 but can't seem to find anything, I also know that after the changes I will have to stop start the firewall by running:
SuSEfirewall2 stop
SuSEfirewall2 start
View 4 Replies
View Related
May 5, 2011
I have WiFi printer, HP DeskJet F4500. If suse firewall is on, yast doesn't see that printer. If I turn firewall off, Yast sees printer and install it just fine. Problem is, that when i start firawall again, yast denies whole printer and turn it off mode in Yast. What firewall rule i have to make to get this work?
View 2 Replies
View Related
Mar 25, 2011
I suspect this is an initial configuration bug. All firewall logs seem to be going to all
three files. That causes a lot of clutter in the log files, and makes it difficult to see whether there are any serious problems being logged.
View 9 Replies
View Related
Feb 13, 2010
I have installed openSuSE 11.2 and my fingerprint reader have been detected on Hardware Information. But when I try to enable it on "Fingerprint Reader", it throws an error: Cannot write PAM settings as you can see on the following pic:
Is there a way to solve this problem?
View 1 Replies
View Related
Jun 20, 2010
When using yast to configure/modify partitions I get the following error:
"The partitioning on disk /dev/sdb is not readable by the partitioning tool parted, which is used to change the partition table. "
"You can use the partitions on disk /dev/sdb as they are. You can format them and assign mount points to them, but you cannot add, edit, resize, or remove partitions from that disk with this tool."
I have never seen this before....I want to delete the paritions on this disk and start over...
View 8 Replies
View Related
Dec 8, 2010
In my YaST Network Settings (11.3), I see an entry labelled "Unknown Network Device" how to remove the confusion? The Overview tab also correctly lists my three known network devices (listed below), as does the Hardware Information utility. This is the output of lspci, and as far as I can tell, is accurate and complete. So what has YaST seen that it can't identify?
Code:
00:00.0 Host bridge: Intel Corporation 82845 845 [Brookdale] Chipset Host Bridge (rev 11)
00:01.0 PCI bridge: Intel Corporation 82845 845 [Brookdale] Chipset AGP Bridge (rev 11)
00:1d.0 USB Controller: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) USB UHCI Controller #1 (rev 01)
00:1d.1 USB Controller: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) USB UHCI [Code].....
View 7 Replies
View Related
Jan 16, 2010
I am relatively new at Linux and am having some problems with an install of openSUSE 11.2. I installed 11.2 on my Thinkpad X31 dual boot with WinXP. It seems to work very well except the network. I looked up swerdna's instructions on setting network cards up. I used YaST to try and set the system up as described in swerdna's instructions. Everything looks fine my network card and wireless card show up in the overview settings screen and everything sets up fine. But when I exit YaST the network doest show up no icon in the system tray and it doesn't even try to connect.
I did go into hardware to see if it was identifying my hardware and my network card shows up as "Thinkpad R40" and the wireless shows up as Cisco Aironet Wireless 802.11b. As far as I know this is correct. I have tried three other distro's and this one has gotten the closest to working so far.
View 8 Replies
View Related
May 27, 2010
How do you mannually set up a network using Yast/ifup? I'm trying to get my wireless running on a Broadcom 1390 WLAN. I've gone through the stickies in the wireless forum (this is my first stab at Linux) and have gotten the drivers installed and the internet working (albeit intermittently) using Knetwork manager. It seems that some folks that have had the same issue did not have problems setting the network up manually with Yast & ifup. I've disabled network manager in Yast, and I went through man ifup. It seems I need a "pre-configured interface," but I don't know how to make that happen.
View 9 Replies
View Related
Apr 7, 2011
I want some advice for making my system more secure. I want deactivate any network connection that is unnecessary. Only my browser and the update ability of zypper should have access to the internet. On windows there are personal firewalls.
How can I block internetaccess for all other programmes on openSUSE?
View 8 Replies
View Related
Dec 9, 2010
When I change something in network setings using yast (for example hostname) it failes to restart the network. I have to start knetworkmanager manually from the terminal. Does anyone get the same type of behaviour ? I'm attaching the relevant yast log.I'm using 11.3 KDE 4.5.4 2.6.34.7-0.5-desktop kernel.
Code:
2010-12-08 07:06:17 <1> opensusetest(6010) [YCP] network/runtime.ycp:28 Running SuSEconfig ...
[code]....
View 9 Replies
View Related
Jun 28, 2010
I have a US Robotics serial modem, and I have smpppd enabled in system services, with wvdial and kppp installed. When I try to set the modem up using yast, I keep getting hung up by the different screens. First a screen that asks if I need to dial a number to get out. I have to dial 9, so I have that entered. Then a screen that asks for "country" and "provider."
When I try to enter anything, nothing shows in the boxes, so I go to a screen that asks for the phone number, provider, user name and password. When I enter those, it goes to a screen that wants "Connection Parameters", with default settings and the "buttons" at the bottom of the screen "muted," or flattened out, i.e. unusable. That makes it impossible for me to set the information as saved, so it's back to the beginning and sart over, with the same results over and over. How do I get the modem so it dials out?
View 9 Replies
View Related
Aug 23, 2010
I have installed 11.3. Now for DSL I use PPP over Ethernet. I have configured DSL via YAST and it works fine. The connection is set at boot.
Now I want DSL to connect manually not at boot time. I did changes in the YAST/DSL to start Manual and rebooted. Once rebooted how do I connect?? Like any button/applet ??
View 1 Replies
View Related
Apr 29, 2011
When I set my DNS servers via Yast>Network Devices>Network Settings>Hostname DNS it accepts the addresses, but then when I check then the next time they are faded out. I set them again, but same results.
View 6 Replies
View Related
May 26, 2011
In the OpenSUSE documentation I red this very exciting chapter Chapter 6. Network Authentication with Kerberos That mentions "Using LDAP and Kerberos" which combined with NFSv4 would give my office net functionality of a M$ Win network.
We are still on 11.2 (we have no win clients at all) and I was testing different setups of 11.4 in VM, but I can't get YaST to configure the LDAP with Kerberos setup (our current setup does not use Kerberos only LDAP). Unfortunately I could not find any meaningful HOWTO on how to do it in SuSE. The page in docs involves editing config files, but I would like to avoid this, because from my former experience with Samba, as it would mean I cannot use yast anymore and that is sad.
Is there a way to configure LDAP + Kerberos (in terms of issuing of krb tickets at login) with YaST?
PS: I basically need Kerberos for NFS and Intranet site.
View 5 Replies
View Related
Jul 26, 2010
Samba is working correctly if Susefirewall2 is off. I have added Samba client and Samba Services for extern access but samba is not working when firewall is now on. Which services should I also add ?
View 1 Replies
View Related
Apr 12, 2010
it's a couple of weeks I can't perform YaST updates from my openSUSE 11.2. The reason is that YaST wants to connect to repositories "only" through IPv6, but my network doesn't support it. I quoted only because I suppose it prefers v6 over v4, but it keeps trying to connect without switching to v4 or returning error.
Even if I disabled IPv6 from YaST/Networking/Network Settings, I still have a local scope address. I connect to Wifi using KNetworkManager. The TCP/IP stack should know that if an interface has a local scope v6 address and a global v4 address, it's a bad idea to keep trying with v6. Italian mirror, garr.it, of openSUSE repository both has v4 and v6 addresses. If I try to ping opensuse.mirror.garr.it I ping v4, but if I try to telnet that host on port 80 it tries to connect to v6. Same if I try to connect with Firefox.
How to tell Linux that I don't have IPv6? I'm connecting from University of Naples wireless network. While unina has IPv6 via GARR's Teredo tunnel (2001:760::/32 as I remember), it doesn't reach students' network because DHCP server doesn't release IPv6, nor Zeroconf obtains one. I just would like to use classic IPv4 until, at least for now.
View 2 Replies
View Related
Apr 25, 2010
My box has to connect to internet using specified http proxy.I have set proxy in both kde control center and yast2 control center. They both tell me the proxy works fine. But when I really try to use yast2 to update my system, it report an error:
Code:
Failed to download ./repo/repoindex.xml from [URL]
History: - [AbstractCommand.cc:195] URI = [URL]
Even I try
Code:
export http_proxy=http://XXXX
yast in command line,the error still exist.
In debian apt-get and slackware slackpkg,my proxy works fine. So I am sure it is not my fault and maybe it is a bug of yast2.
View 7 Replies
View Related
