I’d be happy about some hints about how to configure SUSE’s firewall. I know how to configure iptables itself but SUSE’s firewall confuses me.
This is my network’s structure:
The machine has got two interfaces eth0 and eth1 with are bond to bond0.
bond0 has been splitted into several vlans: vlan2, vlan3, vlan4, vlan5.
These again are bridged to make them useable by Xen: vbr2, vbr3, vbr4, vbr5.
Via vbr4 the machine is connected to the internet. It should be fully opened on vbr2 and vbr3 but on vbr5 no traffic should go into or leave the machine - but for Xen all traffic through all interfaces still has to be accessable.
Is it possible to configure SUSE’s firewall this way? (And how? ;))
Quetschke wrote:
> This is my network’s structure:
> The machine has got two interfaces eth0 and eth1 with are bond to
> bond0.
> bond0 has been splitted into several vlans: vlan2, vlan3, vlan4,
> vlan5.
> These again are bridged to make them useable by Xen: vbr2, vbr3, vbr4,
> vbr5.
>
> Via vbr4 the machine is connected to the internet. It should be fully
> opened on vbr2 and vbr3 but on vbr5 no traffic should go into or leave
> the machine - but for Xen all traffic through all interfaces still has
> to be accessable.
>
> Is it possible to configure SUSE’s firewall this way? (And how? ;))
/etc/sysconfig/SuSEfirewall2 :
Type: string
25.)
Do you want to load customary rules from a file?
This is really an expert option. NO HELP WILL BE GIVEN FOR THIS!