OpenSUSE Network :: Firewall Settings - Configure - Interface Isn't Assigned To Any Zone?
Apr 20, 2010
I have a work desktop plugged into the work network. As I opened my firewall settings I noticed that it is turned off. My question is how should I configure it? I saw that the interface isn't assigned to any zone... I should assign to internal zone and open some port that I need in order to work? There are some guidelines for configuring the firewall?
View 2 Replies
ADVERTISEMENT
Jan 30, 2010
I tryed to setup a second IP address with yast on a openSUSE 11.2 on eth0 as eth0:2nd but with a different firewall zone. But SUSE firewall just see eth0.
I want to define with services are available on with IP address. Also with custom rules I can't specify a destination IP.
So now can I do this with yast? Or have I todo this manually without SUSE firewall?
View 2 Replies
View Related
Aug 7, 2011
I am just trying to get SSH working between 2 local machines on OpensSuse 11.4 boxes. I have the SSHD daemon running, the firewall is configured to allow SSH to pass, and I am using SSH's password authentication. However, my machines cannot see each other. Anytime I try to SSH, I get "Could not resolve hostname<hostname>: Name or service not known."
Of course, that leads me to believe I need an entry in my /etc/hosts file. However, I use DHCP, and therefore have a dynamic IP address. Therefore, my hosts names will only be good until the next IP renewal. How in the world do I configure SSH with a DHCP assigned address?
View 4 Replies
View Related
Mar 29, 2010
We have a 10.0.0.x network with a working DNS Server (BIND) setup. Recently we purchased Watchguard firewall and configured three networks, so that our internal network can be divided into three networks and talk to each other through firewall routing. So I configured three ips 192.168.0.1,172.16.0.1 and 10.0.0.1 for local network card in the firewall router. I separated three networks and individually configured machines with static ip and given gateway as the above ips. Now, I need to configure DNS server for each zone in the same server which is in the network 10.0.0.x, is this possible?. If yes do I need to setup ip aliases for eth0 in the DNS server with different ips from each network?
View 1 Replies
View Related
Mar 5, 2011
I'm looking forward to the release of openSUSE 11.4, which I'm looking to install as an Internet facing gateway on a mini-ITX machine with 2 Ethernet cards. As such I've been reading up on the YaST Firewall trying to find out to configure it, and there's one thing I'd like to be able to do: 'stealth' all the firewall ports.
In other words, if someone were to hypothetically do a port scan of my external IP address, I would rather they not know whether any of the ports on my gateway are open or closed, so instead of replying with the status of those ports the packets get dropped. I've been able to do this with a product called Astaro Security Gateway, which I currently have installed on a second hand Dell Optiplex machine, but I am now looking into the possibility of installing this as a virtual machine inside an openSUSE 11.4 host (extra level of security) and would like the same functionality for the host OS.
View 9 Replies
View Related
Aug 12, 2010
I have a server with 14 IP's on eth0. I'm using virtual interfaces to handle the IP's, but the iptables don't seem to work on the virtual interface. It blocks ports that I want open. I'm not that great with iptables, I use what I have because it works for me, but as far as tweaking it, I'm pretty lost.
My iptables:
# Simple Firewall configuration
#
# Set default policies --------
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
#
# Internal Networks -----------
#-A INPUT -s <private.class.C>/24 -d <private.class.C>/24 -i eth1 -j ACCEPT
#
# Loopback --------------------
-A INPUT -s 0/0 -d 0/0 -i lo -j ACCEPT
#
# Accept established connections
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#
# Services --------------------
#
# For SSH gateway
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 22 -m state --state NEW -j ACCEPT
#
# For SMTP gateway
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 25 -m state --state NEW -j ACCEPT
#
# For FTP server
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 20 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 21 -m state --state NEW -j ACCEPT
-A INPUT -p udp -s 0/0 -d 0/0 --dport 53 -m state --state NEW -j ACCEPT
#
# HTTP services
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 80 -m state --state NEW -j ACCEPT
#
# HTTPS services
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 443 -m state --state NEW -j ACCEPT
#
# POP-3 services
#-A INPUT -p tcp -s 0/0 -d 0/0 --dport 110 -m state --state NEW -j ACCEPT
#
# IMAP services
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 143 -m state --state NEW -j ACCEPT
#
#PLESK
#-A INPUT -p tcp -s 0/0 -d 0/0 --dport 8443 -m state --state NEW -j ACCEPT
#
#Games
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 28960 -m state --state NEW -j ACCEPT
-A INPUT -p udp -s 0/0 -d 0/0 --dport 28960 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 27666 -m state --state NEW -j ACCEPT
-A INPUT -p udp -s 0/0 -d 0/0 --dport 27666 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 28961 -m state --state NEW -j ACCEPT
-A INPUT -p udp -s 0/0 -d 0/0 --dport 28961 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 28962 -m state --state NEW -j ACCEPT
-A INPUT -p udp -s 0/0 -d 0/0 --dport 28962 -m state --state NEW -j ACCEPT
-A INPUT -p udp -s 0/0 -d 0/0 --dport 27015 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 27015 -m state --state NEW -j ACCEPT
-A INPUT -p udp -s 0/0 -d 0/0 --dport 27016 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 27016 -m state --state NEW -j ACCEPT
-A INPUT -p udp -s 0/0 -d 0/0 --dport 27017 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 27017 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 27020 -m state --state NEW -j ACCEPT
-A INPUT -p udp -s 0/0 -d 0/0 --dport 27020 -m state --state NEW -j ACCEPT
# Disallow fragmented packets
-A INPUT -f -j DROP
#
# Log & Block broadcast packets
-A INPUT -d 255.255.255.255/0.0.0.255 -j LOG
-A INPUT -d 255.255.255.255/0.0.0.255 -j DROP
# Log & Block multicast packets
-A INPUT -d 224.0.0.1 -j LOG
-A INPUT -d 224.0.0.1 -j DROP
#
# Log and drop all other incoming packets
-A INPUT -j LOG
-A INPUT -j DROP
#
COMMIT
View 18 Replies
View Related
Jan 1, 2011
I've got my server mostly configured with Samba file shares - I can access from Linux and OSX computers. I've enabled Samba Clietn and Sambar server in the openSUSE firewall settings (on the server), but Windows 7 can't seem to connect. I've been trying to tweak registry keys in Windows and such, but had no luck. However, when I turned off the firewall on the server, I was instantly able to connect. Is there some other service or port I need to open for Windows 7?
View 4 Replies
View Related
Nov 16, 2010
I've searched a lot across the web and this forum in particular, but wasn't able to find the solution. The settings of the firewall are too cryptic to me. When the firewall is turned off everything is OK, but it is uncomfortable to turn it on and off every time I watch IPTV.
View 8 Replies
View Related
May 31, 2011
I have a server machine that is running SUSE Linux Enterprise Server 11. I set up a mysql server there. Now I want to access this mysql server from my laptop. I used the following command,
> mysql -h 12.246.5.70 -u davidehs -p
I found if the firewall on the server machine is running, I can not connect the mysql server from my laptop. If I stop the firewall first, and the do the connection, I can access the mysql. how to keep the firewall running and allow the remote mysql incoming requests?
View 4 Replies
View Related
Jan 28, 2011
I have a server machine that is running SUSE Linux Enterprise Server 11. I set up a mysql server there. Now I want to access this mysql server from my laptop. I used the following command,
> mysql -h 12.246.5.70 -u davidehs -p
I found if the firewall on the server machine is running, I can not connect the mysql server from my laptop. If I stop the firewall first, and the do the connection, I can access the mysql. Do you guys have any idea how to keep the firewall running and allow the remote mysql incoming requests?
View 11 Replies
View Related
Mar 28, 2010
I have tried various rules, like opening port 53 for the DNS with little success. I finally figured that you need to set the source port to 53 and NOT the destination port.However, I have been unable to figure out what ports apt-get requires. The only way I get it to work is to accept everything in iptables.
View 1 Replies
View Related
Aug 28, 2010
If I configure my OpenSuSE 11.2 system to use a proxy server in the YaST Proxy module, do I still need to configure my browser (i.e Firefox) to use these proxy settings, or is it done automatically under the covers?
View 1 Replies
View Related
Jan 18, 2011
I run a small (cabled) network between a desktop with XP with two printers hooked to it and a laptop with Ubuntu 10.04.1 64b. I can approach and use these printers from my laptop and filesharing works also. BUT ... this only works when my Ubuntu firewall (Gufw 10.04.5) is switched off. I am operating behind my router_modem which has a hardware type of firewall switched on at all times so I presume I'm safe. Now my questions:
1. Is this really safe enough?
2. What kind of settings would Gufw need to be able to use it AND use my mini-network for printing? I have no experience whatsoever with firewall rules and settings.
View 1 Replies
View Related
Aug 30, 2010
today I tried to configure a network route to a host for testing my network interface. Code: route add 192.168.1.15 eth0 As I have to eth interfaces and both interface got their IP from DHCP (192.168.1.11 and 192.168.1.12) and are in the same subnet, I shut the other interface down:
Code: ifconfig eth1 down Then I tried to test the interface by doing a ping to 192.168.1.15.
Problem: When I unplug the cable from eth0 (and eth1 is still plugged) the ping still works. Somehow my linux (it's debian) powers up again eth0 and pings over this port.
How can I stop my linux doing this. I just want to have the route added only on the one interface - not the other. Is it maybe some case of a default-gateway?
View 5 Replies
View Related
Mar 25, 2011
I suspect this is an initial configuration bug. All firewall logs seem to be going to all
three files. That causes a lot of clutter in the log files, and makes it difficult to see whether there are any serious problems being logged.
View 9 Replies
View Related
Jun 24, 2011
I am trying to configure a wireless connection from YAST under the Network Settings tool.It doesn't seem to do anything. My USB wifi device is detected in YAST > Hardware and I am using the module it says Hardware is using. It doesn't seem to save the module under YAST> Network Settings> Network Card Setup. Is this tool broken or useless? It seems setting up WiFi should be easier than this. YAST should work shouldn't it?
View 9 Replies
View Related
Apr 6, 2011
what I need to do to the firewall in order to make a shared printer available to other machines on my network?
I have the printer set up and have tested it with the firewall switched off, but as soon as I restart the firewall, the printer is inaccessible.
I thought that all traffic on the internal network was allowed, but it seems that I need to create an explicit rule in order to get the shared printer working. Unfortunately, I haven't been able to figure out how to do that yet.
View 2 Replies
View Related
Apr 20, 2011
i have ubuntu 10.10 and i want to configure my interface eth0 with the commande line with owner (not the Root)$ifconfig : this commande works and listed all interface with some description -> thats goodbut when i use some parametre like @ip and netmask
$ifconfig eth0 10.10.10.1 netmask 255.255.255.0
SIOCSIFADDR: Permission denied
SIOCSIFFLAGS: Permission denied
[code]...
View 6 Replies
View Related
Mar 21, 2010
I have a DNS server with 3 zonesone is dynamic with an associated reverse and one is static
Everything was fine until I added a single host in the staticzone then the server stopped resolving names in that zoneThe only way I could get it to work again was delete the whole zone and re enter the zone and hosts
View 5 Replies
View Related
Mar 31, 2011
I used the network manager to configure my eth0 interface.It is working fine. I have found the nameserver entries in /etc/resolv.conf files. But the /etc/network/interfaces file does not carry the ip, netmask, gateway,network and broadcast entries. It only has a entry for the lo interface. where are the settings for eth0 as done by the network manager, stored in case of ubuntu?
View 7 Replies
View Related
Feb 12, 2010
I want to use a static ip address on my wireless network but when I click configure in network tools it keeps telling me The interface does not exist and to Check that it is correctly typed and that it is correctly supported by your system
View 5 Replies
View Related
Nov 20, 2010
I'm using the yast2 gui interface to configure apache. I think its called yast2_http_server. I added one website with *:80 set as the virtualhost ID. When I go to add a second website with the same thing, it errors out with: The IP address is already configured on another virtual host: *:80/mydomain.com. I have another opensuse box with many websites in apache configured this way.
View 1 Replies
View Related
Jun 20, 2011
I am new to UBUNTU. I installed the latest one alongside windows 7. I am having problem with the internet connectivity. I configured the static ip settings right I guess. Edited the Auto eth1 and assigned ipv4 settings manually and entered everything correctly.
Address 192.168.xx.xx
Netmask 255.255.255.0
Gateway 192.168.xx.xxx
DNS Server xxx.xxx.xx.x, xxx.xxx.xx.x
Do I have to put MAC Address as well? Which is addressed as 'Network address' in Windows where I put this MAC. I have on board Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.20) Network adapter. Do I have to install the driver?
View 3 Replies
View Related
Apr 7, 2011
I want some advice for making my system more secure. I want deactivate any network connection that is unnecessary. Only my browser and the update ability of zypper should have access to the internet. On windows there are personal firewalls.
How can I block internetaccess for all other programmes on openSUSE?
View 8 Replies
View Related
Jul 26, 2010
Samba is working correctly if Susefirewall2 is off. I have added Samba client and Samba Services for extern access but samba is not working when firewall is now on. Which services should I also add ?
View 1 Replies
View Related
Feb 24, 2011
how to configure reverse zone for x.x.x.x/18 subnet ,all the example on the internet are for /24 or /16 subnets?
View 9 Replies
View Related
Nov 1, 2010
i hav configure dhcp server. but the ip is not getting assigned to my client machine.
View 3 Replies
View Related
Jul 17, 2010
The default Gnome desktop now has a 1600x1200 @ 75 Hz which fit my monitor but is a little too big (or at least the font sizes are too small). I would like to switch to a lower resolution. I don't find anywhere in Yast how to configure the monitor settings. No more sax2, no more /etc/X11/xorg.conf? What does replace them?
I mean, where can I set which monitor I"m using (Targa TM4896-1), what are the screen resolutions supported, if I want hardware 3D acceleration (or not), if I want to use dualhead (Matrox G400 DH)?
View 9 Replies
View Related
Jan 10, 2010
I successfully configured my local DNS server. I have server1.mydomain.com, pc1.mydomain.com and so on ..
The problem is that my website is hosted on an external server (not on the local network), so www.mydomain.com is not found in the configured zone/subnet
How can I tweak my DNS to fetch ALL subdomains from the gateway (just as it went before the DNS existed)?
View 6 Replies
View Related
Feb 14, 2010
Last night while setting up wired & wireless connection in openSuse 11.2 Gnome version via YAST's ifup, I got wireless but lost wired connection (interface eth0). Dmesg shows that eth0 became eth1. I cannot get eth0 back. Is there any way to remedy this situation, eg. get info from the Ubuntu partition in my triple-boot laptop, without having to re-install openSUSE?
View 3 Replies
View Related