ALInux 06-21-2005 07:17 AM

Where is the firewall file in SuSe 9.0
I want to edit my firewall manually in SuSE 9.0. Where can I find it?

Manzabar 06-21-2005 10:20 AM

In SuSE 9.0 Pro, the firewall can be configured via YaST under "Security and Users -> Firewall" and further tweaked under "System -> Editor for /etc/sysconfig files -> Network -> Firewall". If you really want to do everything by hand, then you could try editing /etc/sysconfig/SuSEfirewall2. BTW, the file name might be slightly different as I've done considerable amounts of tweaking to my old SuSE 9.0 box, but /etc/sysconfig should be the right directory.

On the other hand, you could ignore the SuSE Firewall entirely and just read up on iptables for your firewall.

Kumado 06-21-2005 11:26 AM


I am wanting to learn more about the susefirewall2 AND making my own iptables list. I have a tutorial on iptables, so far it is pretty good. I am more by doing than by reading. Got any sample scripts of a basic iptable script that would run a NAT? ( with DMZ ;) and a web server in it ? )

I teach at a school, ended up having to do a network for my class. Worked so well that now the whole building is on it. I wish I knew what I was doing. I learned what little I know about networking in the past 4 years because I had to. I like it. Terms and methods are what is killing me. There are more variations and such to drown anyone.

I have Suse 9.0. I feel like 9.1 was bugged, too many machines acted up under it. I am looking at 9.2. 9.0 is fine, not that important really for now. One step at a time, I need function.

I can SSH into my NAT from home, I would rather go all tui if I can get that far. Right now, I had my NAT die a lightning death. I built a temp box in and have basic functions, but I want the DMZ back up. A student actually did the biggest part getting it running before and both our notes leave much to be desired.

I have read and searched till I am searched out. The variations I stated kill me. I go so far thru a how-to only to find that part of what they used does not even show up on my machine. I can handle it being in a different directory, but when it is not there at all?

I am basically new to Linux and networking, any good thoughts? ( I am a slow reader, not a lot of links to links to docs please :) ) Examples with descriptions tell me volumes.

I can and do use Yast thru putty, I just am missing what all I need to set. I want to put 2 rules together later to set filtering for students vs admin, 2 VPNs (?) route traffic to 2 different machines for filtering to reduce the load.

Thx ahead ( I hope )


Manzabar 06-21-2005 07:01 PM

@Kumado: SuSE makes a good desktop and a decent server, but if you're running it for just a firewall that's a bit of overkill and it might be easier for you to try something like ClarkConnect or SmoothWall.

Kumado 06-24-2005 09:14 AM

I use Suse for the NAT, the web server, dns, dhcp, ftp server, future mail and I am considering using it in the entire lab for classes next school year.

I chose Suse because I knew at the time they were working with AMD, it seemed to have a decent gui. It spoke to me of stability. The Novell thing? hmmmm, we'll see.

I know the kernel should be the same on all 'nix, but there are so many variations from one flavor to another, why would I complicate my learning so much by using more than one 'nix?

It is hard here because everyone wants to tell you to read some how-to or such. I have read MANY articles, searched man pages etc, I would not post if I knew what I needed. I find I do not know what I need to ask. All the articles end up being just different enough or of an incorrect version ( kernel or ware ) to blow what I am trying to figure out of the water. I learn more by example anyway.

I have used Yast, I still cannot get my DMZ back up (webserver), but I would like to be able to do it all seat-of-the-pants too. Write the scripts. I was talking with a guy, I kept trying to figure out how to bring a new system up. Asked for weeks, "so you use route to set routes and then use iptables to set up msq and filtering" ..... I finally found out I do not need route at all, iptables does it alone. Now, does iptables set up msq? How do I set up anti-spoofing? Is that a given?

I can almost read some of the iptable commands posted, I am getting better I think, but too many leave out things or do not describe what it is they are doing, take for granted that we know.

I really enjoy this, I just have so little time. I am a teacher 1st, then I get to work on this. When I work with the little time I have and get nowhere, it is VERY frustrating, especially to just have someone send me to a book or site that has 500 pages of stuff that MIGHT answer my question IF I knew what it was. Sorry, venting. Bugged me that I was setting something up, ftp or dns or something, worked long time, setting tcp protocol up, found out much later, "oh yeah, did you set up the udp?" where do you find that info?

Someone throw me a life preserver!
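
Added example, not part of the thread and not any poster's script: a shell function that prints a commented iptables rule set for the NAT-plus-DMZ layout asked about above, with masquerading, explicit anti-spoofing drops, and DNS opened on both UDP and TCP. The interface names, subnets and web server address are assumptions.

```shell
#!/bin/sh
# Added example: prints a NAT + DMZ rule set for review instead of applying it.
# Assumptions (not from the thread): interface names, subnets, web server address.
WAN=eth0 LAN=eth1 DMZ=eth2
LAN_NET=192.168.1.0/24 DMZ_NET=192.168.2.0/24 WEB=192.168.2.10

fw_rules() {
  # Forwarding between interfaces is switched on in the kernel; iptables filters and rewrites.
  echo 'echo 1 > /proc/sys/net/ipv4/ip_forward'
  # Kernel reverse-path filter: first layer of anti-spoofing, on every interface.
  echo 'for f in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 1 > "$f"; done'
  cat <<EOF
# Start clean, then default-deny: only what is allowed below gets through.
iptables -F
iptables -t nat -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
EOF
  # Anti-spoofing: inside and loopback source addresses must never arrive on the WAN side.
  for net in $LAN_NET $DMZ_NET 127.0.0.0/8; do
    for chain in INPUT FORWARD; do
      echo "iptables -A $chain -i $WAN -s $net -j DROP"
    done
  done
  cat <<EOF
# The firewall box itself: loopback, replies to its own traffic, and SSH for administration.
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
# Replies to any connection that was allowed to start.
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# LAN may open connections to the Internet and to the DMZ; the DMZ gets no rule toward the LAN.
iptables -A FORWARD -i $LAN -o $WAN -s $LAN_NET -m state --state NEW -j ACCEPT
iptables -A FORWARD -i $LAN -o $DMZ -s $LAN_NET -m state --state NEW -j ACCEPT
# The Internet may reach only the web server, only on TCP port 80.
iptables -A FORWARD -i $WAN -o $DMZ -d $WEB -p tcp --dport 80 -m state --state NEW -j ACCEPT
# DNS lookups from the DMZ need both UDP and TCP port 53.
iptables -A FORWARD -i $DMZ -o $WAN -s $DMZ_NET -p udp --dport 53 -j ACCEPT
iptables -A FORWARD -i $DMZ -o $WAN -s $DMZ_NET -p tcp --dport 53 -j ACCEPT
# nat table: publish the web server (DNAT) and hide inside addresses (masquerading).
iptables -t nat -A PREROUTING -i $WAN -p tcp --dport 80 -j DNAT --to-destination $WEB:80
iptables -t nat -A POSTROUTING -o $WAN -j MASQUERADE
EOF
}

fw_rules
```

Run as an ordinary user it only prints the commands; piping that output into `sh` as root applies them, so test from the console rather than over the SSH session the rules could cut off.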

