Custom firewall rules will not import into iptables using SuSEfirewall2.

(Last modified: 07Mar2005)

This document (10096846) is provided subject to the disclaimer at the end of this document.

fact

SuSEfirewall2

Novell Linux Desktop

SUSE LINUX Personal

SUSE LINUX Professional

SUSE LINUX Enterprise Server 9

SUSE LINUX Enterprise Server 8

Novell Linux

symptom

Custom firewall rules will not import into iptables using SuSEfirewall2.

The same custom firewall rules file used on a different server (a SLES 8 server, in this example) will not import into iptables on another server (a SLES 9 server, in this example).

The commands "iptables-save" and "iptables -L" do not show any custom firewall rules or IP addresses from the custom firewall rules file.

Errors in SuSEfirewall2 iptables custom rules file.

Errors reported when SuSEfirewall2 custom rules load.

cause

Transfer or manipulation of the custom filter file caused it to become corrupted.

The corruption was at the beginning of the file and was not visible when viewed normally in a text editor.

fix

*************************************************
1. Find and repair the corruption with one of these methods:
*************************************************
"md5sum good.file ; md5sum bad.file" (compare the results: if the bad.file has a different md5sum than the good.file, then it may be corrupted)
"vimdiff -b good.file bad.file" (find and delete the corruption)
"hexdump -C bad.file|less" (locate the corruption visually, remove with:)
"vi -b bad.file"

**********************************************************
1a. Or recopy the corrupted file and verify that it is no longer corrupted:
**********************************************************
"md5sum original.file ; md5sum recopied.file" 

**************************************************************************
2. Reload SuSEfirewall2 from the command line as root (or start it, if it isn't already running):
**************************************************************************
"/etc/init.d/SuSEfirewall2_setup reload" or
"/etc/init.d/SuSEfirewall2_setup start"

************************************
3. Verify the configuration and custom rules:
************************************
The reload or start in step 2 imports the custom rules into iptables.
Watch for command line errors when starting SuSEfirewall2.
Find and fix any errors in the custom rules file, reported as iptables loads.
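
Step 1 relies on spotting the hidden bytes by eye in hexdump output. The shell function below is an added example, not part of the original Novell document: it reports bytes that a text editor normally hides, with the offset of the first one. The byte classes it checks and the function names check_rules_file and write_samples are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not part of the original document. The byte classes flagged
# here (BOM, control/non-ASCII bytes, carriage returns) are assumed common
# forms of transfer damage; the document does not say what its corruption was.

# check_rules_file FILE
# Prints one finding per line. Returns 0 if clean, 1 if suspect, 2 if unreadable.
check_rules_file() {
    f=$1
    [ -r "$f" ] || { echo "cannot read: $f" >&2; return 2; }
    # od emits every byte as a decimal number; awk classifies each one.
    od -An -v -tu1 "$f" | awk '
        BEGIN { off = 0; odd = 0; cr = 0; first = 0; head = "" }
        {
            for (i = 1; i <= NF; i++) {
                b = $i + 0
                if (off < 3) head = head " " b
                if (b == 13) {
                    cr++
                } else if (b != 9 && b != 10 && (b < 32 || b > 126)) {
                    if (odd == 0) first = off
                    odd++
                }
                off++
            }
        }
        END {
            if (head == " 239 187 191")
                print "UTF-8 byte order mark at offset 0"
            if (odd)
                printf "%d non-printable/non-ASCII byte(s), first at offset %d\n", odd, first
            if (cr)
                printf "%d carriage return(s) (DOS line endings)\n", cr
            exit ((odd || cr) ? 1 : 0)
        }'
}

# write_samples DIR: constructed test input using the document's file names.
write_samples() {
    printf '# constructed sample rules\niptables -A INPUT -s 192.0.2.10 -j ACCEPT\n' \
        > "$1/good.file"
    # Same text with an invisible 3-byte prefix and DOS line endings.
    printf '\357\273\277# constructed sample rules\r\niptables -A INPUT -s 192.0.2.10 -j ACCEPT\r\n' \
        > "$1/bad.file"
}
```

The offset is printed in decimal, while the left-hand column of "hexdump -C" is hexadecimal. A clean result does not replace the md5sum comparison against the known-good copy.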

document

Document Title: Custom firewall rules will not import into iptables using SuSEfirewall2.
Document ID: 10096846
Solution ID: NOVL101230
Creation Date: 04Mar2005
Modified Date: 07Mar2005
Novell Product Class: Linux

disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.