Sorry for a new thread, this may have been answered before, I just can't find it.

I need to get my webserver back up from a lightning strike that took out my NAT.

eth0 ( and eth0:1 ) points to the Internet, eth1 points to the internal lan, eth2 points to the DMZ where the webserver ( also is the DNS server and maybe mail unless I use another box ) is. eth0 and eth0:1 both have seperate outside IPs

eth0:1 is used for the webserver .

I want only port http, https traffic to the DMZ from the Internet ( for now ) and I want http, https, ftp, dns from the lan.

what entries do I make in Susefirewall2 and how? I was told by someone that the entries may even be made in reverse order.

Can anyone help? thanks in advance!

Kumado



ps PLEASE do not give the "standard" reply of just read the - whatever - I either have and I did not understand the tems used OR I had no idea it was what I should read. If it were as simple as that, for me, I would not be posting here now. Just a DOH remender.


I saw a great artical on iptables, I would like to go to a shell only machine yet, but for now I am using Yast since it works

So no one has done anything with SuseFirewall2 thru Yast?

I am not alone then, that somehow feels better.

does anyone have a very basic iptable rule that would set up msq / anti-spoof and basic services for 2 ( or be great 3 ) nics? The iptable -L for Suse's firewall is HUGH and I have no way of figuring it out at this stage. I did find, what so far has been a very simple and straight forward text on iptables, I commend Prince_Kenshi with JustLinux for the work.

I do the admin for our building at school. I had a system working until lightning got the box. I had to rebuild but I cannot get the DMZ back online and I can't figure out what rules in Yast I do not have configured. Hmmm, maybe if I looked at the susefirewall.conf script directly?

I know so little but I want to learn, anyone want to help?


Thanks! Mike


ps: I do recommend http://www.justlinux.com/