Firewall and LAN

I’ve got opensuse 11.2 on my desktop. I’ve got the network setup and working fine with the firewall running. I can do whatever I need on the internet. I’ve got my ethernet adapter set up as an “External Zone.” My problem is that I cannot do anything on the local area network while the firewall is running. I want to allow all activity from my wife’s PC (IP address) and I want to be able to print to my networked printer. It seems to me that I need to set up an internal zone for this, but it looks like you can only have one zone per adapter. Is that true? If so, how do I set up the firewall so I have complete access to my wife’s PC and vice versa? If it’s not true, how do I set up an internal zone to allow any connection from her IP address, or a range of addresses?

I think you need to open the Firewall application and go to allowed services on the left and add protocols as being allowed to the External Zone. By default, the External Zone would be your local network and you need to enable those services you are trying to use your openSUSE computer with. For instance, for File Sharing with Windows PCs I add Samba Client, Samba Server and Netbios Server. Each network activity has to be using some sort of known client or server protocol and you need to allow it to work from your Linux PC to the External Zone Local Network.

Thank You,

On Sun February 13 2011 07:06 pm, Yippee38 wrote:

>
> I’ve got opensuse 11.2 on my desktop. I’ve got the network setup and
> working fine with the firewall running. I can do whatever I need on the
> internet. I’ve got my ethernet adapter set up as an “External Zone.”
> My problem is that I cannot do anything on the local area network while
> the firewall is running. I want to allow all activity from my wife’s PC
> (IP address) and I want to be able to print to my networked printer. It
> seems to me that I need to set up an internal zone for this, but it
> looks like you can only have one zone per adapter. Is that true? If
> so, how do I set up the firewall so I have complete access to my wife’s
> PC and vice versa? If it’s not true, how do I set up an internal zone
> to allow any connection from her IP address, or a range of addresses?
>
>
Yippee38;

Go to YaST–>Security and Users–>Firewall–>Allowed Services. You can open
up the ports you need for various applications. If you are behind a NAT
router, it may also help to set the local network as trusted.

YaST–>System–>/etc/sysconfig Editor. There, expand Network, then Firewall
and SuSEfirewall2, choose FW_TRUSTED_NETS, and add your local network(s) and
protocols and/or ports here.

e.g. 192.168.0.0/24,tcp,udp,icmp

P. V.
“We’re all in this together, I’m pulling for you.” Red Green

You guys are the best.

I was struggling with a similar problem. On one machine I could connect the VirtualBox guest to the network, on the other I couldn’t. The OS were the same, everything seemed the same, but one worked and the other didn’t.

I checked firewall, adapter, network settings… AGGGH.

But then I found your article:

Yast–>system–>/etc/sysconfig Editor–>Network–>Firewall–>SuSEFirewall2–>

MASQUERADING was turned ON on the machine that did NOT work, it was turned OFF on the machine that DID work.

Turned off Masquerading and POW! Now it works:

FW_MASQUERADE=No
FW_MASQ_DEV=""

Thanks for the tip.

Cheers, Andy