I have a server running some basic services to the web ( smtp,dns,http,pop). Normally to do that i have a fixed IP 24.xxxx
Now i want manage the DNS myself so buy to my provider one additional IP.
The hardware connection is:
cablemodem ---- (single utp cable) ---- server ---- switch to internal net
After fight some days i can get running vlan at boot time, i get the vlan with different mac address, and i have the fixed IP (200.xxx).
enp0s10 Link encap:Ethernet HWaddr 00:00:00:00:00:00
enp0s11 Link encap:Ethernet HWaddr 00:00:00:00:00:8B
enp0s12 Link encap:Ethernet HWaddr 00:00:00:00:00:8C
inet addr:200.xxxxxx >>>>virtual<<<<
now my problem is SuSEfirewall2, all ports on enp0s12 seem closed when i run a external test.
I need at least port 53 open. I try edit on /etc/sysconfig/SuSEfirewall
Also try execute in hand:
iptables -A INPUT -i enp0s12 -p tcp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o enp0s12 -p tcp --sport 53 -m state --state ESTABLISHED -j ACCEPT
iptables -A INPUT -i enp0s12 -p udp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o enp0s12 -p udp --sport 53 -m state --state ESTABLISHED -j ACCEPT
But the test still say “all ports closed”. Searching the logs i found:
SuSEfirewall2: Setting up rules from /etc/sysconfig/SuSEfirewall2 …
SuSEfirewall2: using default zone ‘ext’ for interface enp0s12
SuSEfirewall2: Firewall customary rules loaded from /root/bin/SuSEfirewall2-custom
schweb kernel: 8542.274025] net_ratelimit: 24 callbacks suppressed
schweb kernel: 8542.274043] IPv4: martian source XXXXXXXXXXXXXXXXXXXXXXXXx
into /var/log/firewall i didnt found any reference to enp0s12. Like not exist accepted or rejected packets.
My ISP say that they have all ports open
I will appreciate any clue.