Your setup seems confusing... A firewall is usually set up to block external untrusted networks, i.e. the internet, which would appear to be on your eth0. Then normally you would have a second NIC installed for trusted/internal networks on, i.e., eth1, and your server would be the gateway/firewall.

Right now your firewall is doing its job correctly: it's blocking/dropping what appears to be a 'spoofed' address. It thinks it's a spoofed address because the address of 10.x.x.x is a non-routable address that is not originating from your machine. This is how spoofing is done: sending packets to someone's machine trying to fake that it originally came from them in the first place.

I'm not sure what you can do to make this work like you want except to punch holes in your firewall (bad idea). You should be able to find a file in your /etc or /etc/rc.d or wherever named "rc.firewall" or something like that. This will be a script that is run at boot up that loads the firewall rules for iptables. Once you find it you should be able to find a section that is headed with something like #SPOOFING etc. with a few iptables rules that block spoofing attacks; comment them out to set off protection for spoofing.

Most rc.firewall scripts contain a default set of IP spoofing rules. I would expect you'll run into more problems though; you'll probably have to punch several more holes in your firewall to get it to work like you're trying to get it to. I'm not an expert by any means on this. Most firewalls start with deny all except what is explicitly permitted.

With all that said, maybe you could add a couple of iptables rules to just allow 10.0.0.2 only? My choice would be to serve ltsp on trusted networks only.

Also, the only searchable email archive for ltsp I know of... http://www.mail-archive.com/[email protected]/

> Hello,
>
> I am trying to set up an X-terminal connected to a SuSE linux 7.1
> server. On the server I have a firewall set up using SuSEfirewall2
> which, to the best of my knowledge, is just a front end for iptables.
> If I turn the firewall off then the terminal boots up with no
> problems. However, with the firewall on it stops and the following
> appears in the /var/log/messages file on the server:
>
> Nov 25 17:50:54 kipling dhcpd: DHCPDISCOVER from 00:20:af:20:f7:4f via
> eth0 Nov 25 17:50:54 kipling dhcpd: DHCPOFFER on 10.0.0.50 to
> 00:20:af:20:f7:4f via eth0 Nov 25 17:50:54 kipling kernel:
> SuSE-FW-DROP-ANTI-SPOOFINGIN=eth0 OUT= MAC= SRC=10.0.0.2
> DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF
> PROTO=UDP SPT=67 DPT=68 LEN=308
>
> The server has ip address 10.0.0.2 and the terminal is allocated the
> address 10.0.0.50. Any ideas how I can get round this? Any pointers
> would be useful and then I could then try messing around with the
> firewall configuration file.
>
> Also, is there a searchable version of the archives for this mailing
> list? I have some other questions which I'm sure will already have
> been answered.
>
> Thanks,
>
> Joe
>
> _____________________________________________________________________
> Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto:
> https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
> For additional LTSP help, try #ltsp channel on irc.openprojects.net
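
Added example, not part of either message in this thread: a small triage script for kernel drop lines like the one quoted above. It parses the netfilter fields (including the case where the log prefix runs straight into IN=) and flags anti-spoofing drops where the dropped packet is a DHCP server reply (UDP 67 to 68) whose SRC is one of the server's own addresses, as in the quoted log where the server is 10.0.0.2. The function names, LOCAL_ADDRS and the second sample line are assumptions made for the example.

```python
import re

# Constructed sample input: entry 1 is the kernel line quoted in the thread,
# joined onto one line; entry 2 is a made-up drop from another host.
SAMPLE_LOG = [
    "Nov 25 17:50:54 kipling kernel: SuSE-FW-DROP-ANTI-SPOOFINGIN=eth0 OUT= "
    "MAC= SRC=10.0.0.2 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=64 "
    "ID=0 DF PROTO=UDP SPT=67 DPT=68 LEN=308",
    "Nov 25 17:51:10 kipling kernel: SuSE-FW-DROP-ANTI-SPOOFING IN=eth0 OUT= "
    "MAC= SRC=10.0.0.99 DST=10.0.0.2 LEN=60 TOS=0x00 PREC=0x00 TTL=64 "
    "ID=4242 DF PROTO=TCP SPT=40000 DPT=22",
]
LOCAL_ADDRS = {"10.0.0.2"}  # assumption: addresses configured on the server

# The log prefix may run straight into IN= (as in the thread) or be followed
# by a space, so split on the first "IN=" rather than on whitespace.
PREFIX_RE = re.compile(r"kernel: (.*?)\s*IN=")
FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")


def parse_drop(line):
    """Return the netfilter fields of one kernel log line, or None."""
    m = PREFIX_RE.search(line)
    if not m:
        return None
    fields = {"PREFIX": m.group(1)}
    for key, value in FIELD_RE.findall(line[m.end(1):]):
        fields.setdefault(key, value)  # keep the IP LEN, not the UDP LEN
    return fields


def classify(fields, local_addrs):
    """Say why an anti-spoofing drop is worth a closer look."""
    if "ANTI-SPOOFING" not in fields["PREFIX"]:
        return "not-anti-spoofing"
    dhcp_reply = (fields.get("PROTO"), fields.get("SPT"),
                  fields.get("DPT")) == ("UDP", "67", "68")
    if fields.get("SRC") in local_addrs:
        return "own-dhcp-reply" if dhcp_reply else "own-address-inbound"
    return "foreign-source"


def triage(lines, local_addrs=LOCAL_ADDRS):
    """Return (SRC, IN, verdict) for every parseable drop line."""
    parsed = (parse_drop(line) for line in lines)
    return [(f.get("SRC"), f.get("IN"), classify(f, local_addrs))
            for f in parsed if f]


if __name__ == "__main__":
    for row in triage(SAMPLE_LOG):
        print(*row)
```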
