Discussion:
AutoYaST and firewall configuration
Johnny Ernst Nielsen
2004-07-12 08:26:17 UTC
Permalink
Good day,

has anyone found a solution to this problem in SUSE 9.0 Pro.?:
(Originally posted by David Carter -- see http://lists.suse.com/
archive/suse-autoinstall/2003-Dec/0008.html)
Problem #2: Firewall configuration
==================================
/sbin/yast2 autoyast provides a screen for configurating a firewall
<firewall>
<fw_allow_fw_traceroute>yes</fw_allow_fw_traceroute>
<fw_autoprotect_services>yes</fw_autoprotect_services>
<fw_dev_ext>eth0</fw_dev_ext>
<fw_dev_int></fw_dev_int>
<fw_log_accept_all>no</fw_log_accept_all>
<fw_log_accept_crit>yes</fw_log_accept_crit>
<fw_log_drop_all>no</fw_log_drop_all>
<fw_log_drop_crit>yes</fw_log_drop_crit>
<fw_masq_nets></fw_masq_nets>
<fw_masquerade>no</fw_masquerade>
<fw_protect_from_internal>yes</fw_protect_from_internal>
<fw_route>no</fw_route>
<fw_services_ext_tcp>ssh</fw_services_ext_tcp>
<start_firewall config:type="boolean">true</start_firewall>
</firewall>
The yast postinstall script which runs says "Setting up firewall",
2003-12-08 12:38:45 <1> magenta-4(2667) [YCP]
clients/autoinst_configure.ycp:105
Writing configuration for firewall
-rw-r--r-- 1 root root 26770 Dec 8 12:35 SuSEfirewall2
and iptables doesn't acquire any rules. Does autoyast support
SuSEfirewall yet? It is conspicuous by its absence in the
http://www.suse.de/~nashif/autoinstall/9.0/html/index.html
I have Googled the internet, read the Unofficial SuSE FAQ, searched
the SuSE archives I know of, and searched the SuSE Support DataBase.
No luck.

Best regards :o)

Johnny :o)
Nigel Horne
2004-07-12 10:01:51 UTC
Permalink
How do you add more than one option to a mouse in the mouse driver database held in /usr/X11R6/lib/sax/api/data/cdb/Pointers?

According to the top of the file the format is 'Option = string,string', however
this doesn't document the semantics of the line and the docs give no examples.

Say I want to set two options when /etc/X11/XF86Config is created by SaX2:
Option "Foo" "123"
Option "Xyzzy" "456"

The comment at the top of the file doesn't tell you how to do this in the Pointers file. I've tried all the following combinations:
1)
Option = Foo,123
Option = Xyzzy,456

2)
Option = Foo,123,Xyzzy,456

3)
Option = Foo=123,Xyzzy=567

All of this is needed to network load the synaptics mouse driver that needs umpteen options.

-Nigel
Johnny Ernst Nielsen
2004-07-14 16:24:12 UTC
Permalink
Post by Johnny Ernst Nielsen
Good day,
(Originally posted by David Carter -- see http://lists.suse.com/
archive/suse-autoinstall/2003-Dec/0008.html)
Problem #2: Firewall configuration
==================================
[SNIP]

Good day,

aparantly AutoYast ignores the settings specified in the firewall
section of the autoinst.xml file.

However, there is a workaround.
Specify the external interface in a sysconfig section (as well as
other wanted sysconfig settings).
Specify runlevel sections where the three SuSEfirewall2-parts (init,
setup and final) are enabled.

Best regards :o)

Johnny :o)

Loading...