Hi!

I found no solution to my problem on the Internet. I have a simple
firewall script with which I only want to do an ICMP to "www.google.at"
from the PC behind the firewall.
I created my script in the folder "/etc/init.d" and the links to it in
"/etc/rc.d/rc3.d" and in "rc5.d" with the name "S99fw_forward". For test
purposes, the file was given "chmod 777".

When the server is booting, I see the script being executed. After
booting, the variable "ip_forward" is set to 1 (if I don't start my script,
it would be 0). That means the script has definitely been executed.
However, I cannot ping from the PC behind the firewall.

If I run my script manually, I can do the ICMP to "www.google.at" and
I can use the Internet normally (with the PC behind the firewall).

This is my current file (only a few things to test). Maybe these lines
are not correct for a firewall, but it's only a test.


Code:
--------------------
#!/bin/bash
#--------------------------------------------------------------
# File: fw_forward
#--------------------------------------------------------------
echo "- fw_forward starts"
echo "---------------------------"

# Path to the iptables binary
R="/usr/sbin/iptables"
UNPRIVPORTS="1025:65535"

#()-----------------------------------------------------------
echo "- Routing Switch"
# Enable IPv4 forwarding in the kernel
echo "1" > /proc/sys/net/ipv4/ip_forward

#()-----------------------------------------------------------------------
echo "- remove all previous FORWARD rules (if already available)"
# Flush FORWARD, set all default policies to DROP, then flush filter and nat
$R -F FORWARD
$R -P FORWARD DROP
$R -P INPUT DROP
$R -P OUTPUT DROP
$R -F
$R -F -t nat

#()-----------------------------------------------------------------------
echo "- all through routes (Holiday)"
# Accept every forwarded packet
$R -A FORWARD -j ACCEPT

#()-----------------------------------------------------------------------
echo "- ping through routes"
# Accept forwarded ICMP
$R -A FORWARD -p icmp -j ACCEPT

#-----------------------------------------------------------------------
echo "- fw_forward finished"
--------------------



Why is my script starting up on boot, but the function works only when
I start it manually?

It seems that some program or function overwrites the iptables after my
script. The standard "SuseFirewall" is definitely turned off. I can also
see that "SuSeFirewall2" is turned off in the
"Runlevel-Editor".
Are there any other things I have to configure or deactivate?

I posted my problem in 2 other German Linux and openSUSE forums, but
there is no one who can help me.
I know crossposting is frowned upon, but I thought it would be better if I
asked my question in a SLES forum.

These are the German postings (translated with Google):
'Google Translate'
(http://translate.google.com/translat...t37803&act=url)
'Google Translate'
(http://translate.google.com/translat...n-2008859.html)

Regards,
Domsi


--
Domsik
------------------------------------------------------------------------
Domsik's Profile: http://forums.novell.com/member.php?userid=122307
View this thread: http://forums.novell.com/showthread.php?t=450455
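
One way to test the suspicion raised in the post, that something replaces the rules after fw_forward has run at boot, is to compare a ruleset dump taken after boot with what the script should leave behind. This is an added example, not part of the original post: the function name `check_forward_state` and both sample dumps are constructed for illustration, and only the expected policy and rules come from the posted script.

```shell
#!/bin/bash
# Added example: check an iptables-save dump against what fw_forward sets up.
# Live use (as root): iptables-save | check_forward_state "$(cat /proc/sys/net/ipv4/ip_forward)"

# Policy and rules fw_forward leaves in the filter table (from the posted script).
EXPECTED_POLICY=':FORWARD DROP'
EXPECTED_RULES='-A FORWARD -j ACCEPT
-A FORWARD -p icmp -j ACCEPT'

# Constructed samples in iptables-save format, not captured from the poster's server.
SAMPLE_AFTER_MANUAL_RUN='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A FORWARD -j ACCEPT
-A FORWARD -p icmp -j ACCEPT
COMMIT'
SAMPLE_RULES_GONE='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
COMMIT'

# check_forward_state IP_FORWARD_VALUE  (dump on stdin)
# Prints one line per finding; returns 0 only if nothing is missing.
check_forward_state() {
    local ip_forward filter rule rc
    ip_forward="$1"; rc=0
    # Keep only the *filter table and strip any trailing whitespace.
    filter="$(awk '/^\*/{t=($0=="*filter")} t' | sed 's/[[:space:]]*$//')"
    if [ "$ip_forward" != "1" ]; then
        echo "MISSING ip_forward=1 (got $ip_forward)"; rc=1
    fi
    if ! printf '%s\n' "$filter" | grep -q -- "^$EXPECTED_POLICY "; then
        echo "MISSING policy $EXPECTED_POLICY"; rc=1
    fi
    while IFS= read -r rule; do
        if ! printf '%s\n' "$filter" | grep -qxF -- "$rule"; then
            echo "MISSING rule $rule"; rc=1
        fi
    done <<EOF
$EXPECTED_RULES
EOF
    [ "$rc" -eq 0 ] && echo "OK fw_forward state intact"
    return "$rc"
}

printf '%s\n' "$SAMPLE_AFTER_MANUAL_RUN" | check_forward_state 1 || true
printf '%s\n' "$SAMPLE_RULES_GONE" | check_forward_state 1 || true
```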