How to configure iptables or firewall to enable access to eth0

I configured my eth0 with a public IP address, but it looks like the firewall of SUSE Linux 10 is blocking it. How can I enable it from the command line?  
At the time I try to ping my server, here's what my server's log file is reporting:

Jan 29 18:53:07 atksuse kernel: ll header: 00:1d:09:64:49:f2:00:1b:0c:c2:1a:99:08:00
Jan 29 18:53:12 atksuse kernel: martian source 12.9.192.75 from 69.239.42.161, on dev eth0
Jan 29 18:53:12 atksuse kernel: ll header: 00:1d:09:64:49:f2:00:1b:0c:c2:1a:99:08:00
Jan 29 18:53:18 atksuse kernel: martian source 12.9.192.75 from 69.239.42.161, on dev eth0
Jan 29 18:53:18 atksuse kernel: ll header: 00:1d:09:64:49:f2:00:1b:0c:c2:1a:99:08:00
Jan 29 18:55:47 atksuse kernel: martian source 12.9.192.75 from 12.43.19.106, on dev eth0
Jan 29 18:55:47 atksuse kernel: ll header: 00:1d:09:64:49:f2:00:1b:0c:c2:1a:99:08:00
Jan 29 18:55:50 atksuse kernel: martian source 12.9.192.75 from 12.43.19.106, on dev eth0
Jan 29 18:55:50 atksuse kernel: ll header: 00:1d:09:64:49:f2:00:1b:0c:c2:1a:99:08:00
henry007 Asked:
 
ravenpl Commented:
> martian source 12.9.192.75 from 69.239.42.161, on dev eth0
says that a packet arrived on eth0 with its source IP set to 69.239.42.161,
but if the box is going to send a reply, the routing table directs the packet via the default route, which is set to eth1.
Linux (and the majority of routers) considers such a packet invalid - someone is trying to spoof the source IP.
And BTW, it has nothing to do with the firewall - it's the routing routine.

Now, can you tell me why the default route is set to
> default via 192.168.2.1 dev eth1

Shouldn't the default gateway be set to one of 12.9.192.[73 - 78] on eth0?
0
 
fridom Commented:
The rules of the firewall can be printed like this:
iptables -L

I don't know if SUSE provides some special tool for configuring firewalls (I guess something will be there). If you find the ICMP Echo stuff blocked, you have to add a rule allowing those requests.

Regards
Friedrich
0
 
ravenpl Commented:
Do you have more than one eth card in the box? It looks like it. If so, then you can't configure both with public addresses.

What you are experiencing are packets from Mars seen on the eth0 device.
About packets from Mars: http://en.wikipedia.org/wiki/Martian_packet

In a nutshell, you ping the box on eth0, but Linux (according to the configured routes) would send the reply packet via an interface other than eth0. So it drops that packet. It's normal and desired.

Please post the output of the following commands:
ip addr
ip route
0
 
henry007 (Author) Commented:
atksuse:~ # ip addr
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:1d:09:64:49:f2 brd ff:ff:ff:ff:ff:ff
    inet 12.9.192.75/29 brd 12.9.192.79 scope global eth0
    inet6 fe80::21d:9ff:fe64:49f2/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:1d:09:64:49:f0 brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.10/24 brd 192.168.2.255 scope global eth1
    inet6 fe80::21d:9ff:fe64:49f0/64 scope link
       valid_lft forever preferred_lft forever
4: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0


atksuse:~ # ip route
12.9.192.72/29 dev eth0  proto kernel  scope link  src 12.9.192.75
192.168.2.0/24 dev eth1  proto kernel  scope link  src 192.168.2.10
169.254.0.0/16 dev eth0  scope link
127.0.0.0/8 dev lo  scope link
default via 192.168.2.1 dev eth1
0
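The reverse-path check ravenpl describes, applied to the routing table and log lines posted in this thread. This is an added example, not code from any participant; it is a simplified model of strict reverse-path filtering (longest-prefix match only), and the function names are illustrative.

```python
import ipaddress
import re

# Routing table copied from the `ip route` output posted in this thread.
IP_ROUTE = """\
12.9.192.72/29 dev eth0  proto kernel  scope link  src 12.9.192.75
192.168.2.0/24 dev eth1  proto kernel  scope link  src 192.168.2.10
169.254.0.0/16 dev eth0  scope link
127.0.0.0/8 dev lo  scope link
default via 192.168.2.1 dev eth1
"""

# Two kernel log lines copied from the question.
KERNEL_LOG = """\
Jan 29 18:53:12 atksuse kernel: martian source 12.9.192.75 from 69.239.42.161, on dev eth0
Jan 29 18:55:47 atksuse kernel: martian source 12.9.192.75 from 12.43.19.106, on dev eth0
"""

# The log format is: martian source <destination> from <source>, on dev <iface>
MARTIAN = re.compile(r"martian source (\S+) from (\S+), on dev (\S+)")

def parse_routes(text):
    """Return [(network, device)] from `ip route` output."""
    routes = []
    for line in text.strip().splitlines():
        fields = line.split()
        prefix = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        dev = fields[fields.index("dev") + 1]
        routes.append((ipaddress.ip_network(prefix), dev))
    return routes

def reply_device(routes, addr):
    """Longest-prefix match: the interface a reply to addr would leave on."""
    ip = ipaddress.ip_address(addr)
    matches = [(net.prefixlen, dev) for net, dev in routes if ip in net]
    return max(matches)[1] if matches else None

def explain_martians(log_text, route_text):
    """Per martian line: (source, arrival dev, reply dev, passes strict check)."""
    routes = parse_routes(route_text)
    results = []
    for _dst, src, in_dev in MARTIAN.findall(log_text):
        out_dev = reply_device(routes, src)
        results.append((src, in_dev, out_dev, out_dev == in_dev))
    return results

if __name__ == "__main__":
    for src, in_dev, out_dev, ok in explain_martians(KERNEL_LOG, IP_ROUTE):
        print(f"{src}: in {in_dev}, reply via {out_dev}, {'ok' if ok else 'martian'}")
```

Sources inside 12.9.192.72/29 pass the check because the connected route points back at eth0; every off-link source falls through to the default route on eth1 and fails it.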
 
henry007 (Author) Commented:
I think you are right. Please tell me the command to change the gateway to 12.9.192.73.

I think, based on what you just said, that will fix the problem.
0
 
henry007 (Author) Commented:
I changed it

atksuse:/etc/apache2 # ip route
12.9.192.72/29 dev eth0  proto kernel  scope link  src 12.9.192.75
192.168.2.0/24 dev eth1  proto kernel  scope link  src 192.168.2.10
169.254.0.0/16 dev eth0  scope link
127.0.0.0/8 dev lo  scope link
default via 12.9.192.73 dev eth0

Now I can ping out, but no ssh, no ping, nothing can come in.

atksuse:/etc/apache2 # ping 69.239.42.161
PING 69.239.42.161 (69.239.42.161) 56(84) bytes of data.
64 bytes from 69.239.42.161: icmp_seq=1 ttl=245 time=15.9 ms
64 bytes from 69.239.42.161: icmp_seq=2 ttl=245 time=15.6 ms
64 bytes from 69.239.42.161: icmp_seq=3 ttl=245 time=16.1 ms
64 bytes from 69.239.42.161: icmp_seq=4 ttl=245 time=15.9 ms
64 bytes from 69.239.42.161: icmp_seq=5 ttl=245 time=15.5 ms
64 bytes from 69.239.42.161: icmp_seq=6 ttl=245 time=15.3 ms
0
 
henry007 (Author) Commented:
Notes for me: here's the file to add the gateway: /etc/sysconfig/network/routes
0