First off, WARREN!!!! What's up?!?! How are things?

I'll have to dig around for specifics on this but first off I have a question: how complicated are your existing firewall rules? Another question would be: is your server acting as a combined server/firewall connected directly to your ISP, or do you have multiple, routable IP addresses and this server resides in a DMZ of sorts?

What about booting into run level 3 to avoid X? If you can't stop the boot process from going to X first try putting the server into single user mode then editing /etc/inittab and changing the default to run level 3 (or just make all your changes while in single user mode w/o changing the inittab and rebooting). Reboot, log in, (and this part is from fuzzy memory way back when) edit your firewall script somewhere in /etc/rc.# (or kicked off by rc.local) or written to /etc/sysconfig/iptables if the rules are read from a file and not created at boot time from a startup script. Trouble is it has been forever since I have sat in front of a Suse system so I don't recall if the firewall rules are written to /etc/sysconfig/iptables (Google seems to indicate it might be).

If the server/firewall is a dedicated firewall I heartily recommend M0n0wall (what a surprise). http://m0n0.ch/wall/ I run mine on a low-power Soekris Net-4501 and can't imagine going back to a "full-sized" firewall.

Greg "Ex RPM'er" Brown

On 7/5/05, Warren Weber <[EMAIL PROTECTED]> wrote:
> OK, it's late, I've gone stupid and could use some help ...
>
> I am in the process of replacing a server with a SuSE 9.2 system that I
> built connected to my current ISP. When I bring it up, I will bring it up
> on a new ISP and, therefore, a new IP address. I changed the IP address and
> moved the server off my handy-dandy KVM (and soon-to-be ex-ISP) and hooked
> it up to the new ISP using spare parts. Unfortunately, my spare monitor is
> not smart enough to talk to my server once X starts -- but that's not the
> real problem (I'll move it back to the KVM shortly). Now that I've re-IP'd
> it, I can only contact it while on the same subnet it exists on, not from
> the "outside". I assume this is because the firewall needs to be told all
> the rules now apply to a new IP address, but I can't verify this due to
> lack of access to the system.
>
> I'm going to borrow a monitor tomorrow and hook it up, but does this sound
> reasonable? If so, can someone enlighten me on how to make the firewall
> work with the new IP address ... or at least point me in the right
> direction in The Fine Manual?
>
> Many thanks!
> Warren
>
> --
>
> I know there's money in horses. I put it there!
>
> Warren Weber
> [EMAIL PROTECTED]
> http://www.hufta.net
>
> --
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
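
The re-addressing step discussed in this thread, as an added example (not code from either poster): it finds and rewrites rules that name the old address in an iptables-save style file such as the /etc/sysconfig/iptables mentioned above. The function names, the addresses (RFC 5737 documentation ranges) and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit and re-address a saved iptables ruleset after an IP change.

# Constructed sample in iptables-save format; 192.0.2.1 plays the old address.
sample_rules() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -d 192.0.2.1/32 -p tcp --dport 80 -j DNAT --to-destination 10.0.0.5:80
-A POSTROUTING -o eth0 -j SNAT --to-source 192.0.2.1
COMMIT
*filter
:INPUT DROP [0:0]
-A INPUT -d 192.0.2.1/32 -p tcp --dport 22 -j ACCEPT
-A INPUT -s 192.0.2.10/32 -j DROP
COMMIT
EOF
}

# Escape the dots so the address is matched literally inside a regex.
ip_regex() {
    printf '%s' "$1" | sed 's/\./\\./g'
}

# Print, with line numbers, every line that references exactly this address.
# The boundary guards keep 192.0.2.1 from matching 192.0.2.10 or 1192.0.2.1.
find_ip_rules() {    # usage: find_ip_rules RULES_FILE IP
    re=$(ip_regex "$2")
    grep -nE "(^|[^0-9.])${re}(\$|[^0-9.])" "$1"
}

# Write a re-addressed copy to stdout; the original file is never modified.
readdress_rules() {  # usage: readdress_rules RULES_FILE OLD_IP NEW_IP
    re=$(ip_regex "$2")
    sed -E "s/(^|[^0-9.])${re}(\$|[^0-9.])/\1$3\2/g" "$1"
}

# Demo on the constructed sample: list the affected rules, then show the diff.
rules=$(mktemp)
sample_rules > "$rules"
find_ip_rules "$rules" 192.0.2.1
readdress_rules "$rules" 192.0.2.1 198.51.100.7 | diff "$rules" - || true
rm -f "$rules"
```

Review the diff before replacing the live file, and keep a console session open when reloading the rules so a mistake does not lock you out a second time.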
