linux-fn64:~ # SuSEfirewall2 status
<35>Mar 13 13:41:31 SuSEfirewall2[6119]: SuSEfirewall2 not active
linux-fn64:~ # SuSEfirewall2 start
<38>Mar 13 13:41:40 SuSEfirewall2[6131]: Setting up rules from /etc/sysconfig/SuSEfirewall2 ...
<38>Mar 13 13:41:40 SuSEfirewall2[6131]: using default zone 'ext' for interface eth0
<38>Mar 13 13:41:41 SuSEfirewall2[6131]: Firewall rules successfully set
linux-fn64:~ # SuSEfirewall2 status
### iptables filter ###
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
2 458 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:5353 PKTTYPE = multicast
0 0 input_ext all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-IN-ILL-TARGET "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-FWD-ILL-ROUTING "
Chain OUTPUT (policy ACCEPT 2 packets, 128 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
Chain forward_ext (0 references)
pkts bytes target prot opt in out source destination
Chain input_ext (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 4
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* sfw2.insert.pos */ PKTTYPE != unicast
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INext-DROP-DEFLT "
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-INext-DROP-DEFLT "
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW LOG flags 6 level 4 prefix "SFW2-INext-DROP-DEFLT "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain reject_func (0 references)
pkts bytes target prot opt in out source destination
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-proto-unreachable
### iptables mangle ###
Chain PREROUTING (policy ACCEPT 2 packets, 458 bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 2 packets, 458 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 2 packets, 128 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 2 packets, 128 bytes)
pkts bytes target prot opt in out source destination
### iptables nat ###
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 1 packets, 64 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 1 packets, 64 bytes)
pkts bytes target prot opt in out source destination
### iptables raw ###
Chain PREROUTING (policy ACCEPT 2 packets, 458 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 2 packets, 128 bytes)
pkts bytes target prot opt in out source destination
### iptables security ###
Chain INPUT (policy ACCEPT 2 packets, 458 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 2 packets, 128 bytes)
pkts bytes target prot opt in out source destination
### ip6tables filter ###
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all lo * ::/0 ::/0
0 0 ACCEPT all * * ::/0 ::/0 ctstate ESTABLISHED
0 0 ACCEPT icmpv6 * * ::/0 ::/0 ctstate RELATED
0 0 ACCEPT udp * * ::/0 ::/0 udp dpt:546
0 0 ACCEPT udp * * ::/0 ::/0 udp dpt:5353 PKTTYPE = multicast
0 0 input_ext all * * ::/0 ::/0
0 0 LOG all * * ::/0 ::/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-IN-ILL-TARGET "
0 0 DROP all * * ::/0 ::/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 LOG all * * ::/0 ::/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-FWD-ILL-ROUTING "
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all * lo ::/0 ::/0
0 0 ACCEPT icmpv6 * * ::/0 ::/0
Chain forward_ext (0 references)
pkts bytes target prot opt in out source destination
Chain input_ext (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP all * * ::/0 ::/0 PKTTYPE = broadcast
0 0 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 128
0 0 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 133
0 0 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 134
0 0 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 135
0 0 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 136
0 0 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 137
0 0 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 130
0 0 DROP all * * ::/0 ::/0 /* sfw2.insert.pos */ PKTTYPE != unicast
0 0 LOG tcp * * ::/0 ::/0 limit: avg 3/min burst 5 tcp flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INext-DROP-DEFLT "
0 0 LOG icmpv6 * * ::/0 ::/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix "SFW2-INext-DROP-DEFLT "
0 0 LOG udp * * ::/0 ::/0 limit: avg 3/min burst 5 ctstate NEW LOG flags 6 level 4 prefix "SFW2-INext-DROP-DEFLT "
0 0 DROP all * * ::/0 ::/0
Chain reject_func (0 references)
pkts bytes target prot opt in out source destination
0 0 REJECT tcp * * ::/0 ::/0 reject-with tcp-reset
0 0 REJECT udp * * ::/0 ::/0 reject-with icmp6-port-unreachable
0 0 REJECT all * * ::/0 ::/0 reject-with icmp6-addr-unreachable
0 0 DROP all * * ::/0 ::/0
### ip6tables mangle ###
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
### ip6tables nat ###
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
### ip6tables raw ###
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
### ip6tables security ###
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
linux-fn64:~ #
linux-fn64:~ # SuSEfirewall2 stop
<38>Mar 13 13:41:59 SuSEfirewall2[6352]: Firewall rules unloaded.
linux-fn64:~ # SuSEfirewall2 status
<35>Mar 13 13:42:03 SuSEfirewall2[6393]: SuSEfirewall2 not active
linux-fn64:~ #