M9. wrote:
so, if I understand well you have only one lan (192.168.1.x) with all
the PC on it.
previously you said:
"This morning i had to shut down the firewall to enter my Lan.
Printing was impossible, and also accessing the other pc's and laptops
in the network.
What i do not understand is why this firewall prevents me from entering
other pc's in the network, while others can acces mine easily?"
It looks like you (or any event) swapped the internal and external
network in the config
try setting with defaults - usually defaults are good
About /etc/scripts/SuSEfirewall2, there are many files there, i do not
know which one you want to see.
it's not a folder but a file in my computer (but the one I have just
at hand is a 10.1, may be the file was spread in several ones later)
this file is commented internally, and the comments are the only
firewall notice I know of
IMHO should a firwall be configured once, and work in silence,
protecting a pc or laptop against attack fro 'outside'.
it's what SuSEfirewall2 do usually :-)
It should not block the trusted hosts, and block the untrusted ones.
not clear in your config wich is what
A warning should be displayed, with an option to grant or denie an
attempt to enter the pc, with a discription of the host and the ip
adress, so that one can decide to let pass once or forever, which does
not mean that 'forever' can not be changed to denie.
it's really too easy to clic on "yes" without caution and very
difficult to go back after, and should any user be allowed to do so?
A realy good firewall can work with passwords, just as a server can.
I think somewhat your definition of "firewall" is wrong. a firewall is
used to open or close "ports", not communication (your firewalls don't
do NAT, as you have an other router).
whatever you do with these ports is irrelevant.
a firewall works at the packet level, not at the logical one, it knows
nothing of passwords. It protect networks, so if you want a part with
trusted pc, it must be the internal and untrusted the external or the
dmz if they are in your house, but this needs an other net card (an
other lan).
you can set some filtering based on IP, but I'm not sure it's secure
and anyway it's difficult to setup.
finally you said "This morning i had to shut down the firewall to
enter my Lan.", so the day before the firewall was nice, what did
change in between?
I beg you use an samba network and windows samba is buggy and needs to
open nearly anything to work as was said from the beginning by an
other writer.
http://lists.opensuse.org/opensuse-factory/2007-09/msg00335.html
but if I understand well, doing so is nearly the same as stopping the
firewall.
use of samba server on suse fixes the permission problem.
jdd
--
http://www.dodin.net
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
