http://bugzilla.novell.com/show_bug.cgi?id=551282
http://bugzilla.novell.com/show_bug.cgi?id=551282#c31
--- Comment #31 from Ludwig Nussel 2009-12-14 08:58:37 CET ---
I didn't know about that one (and overlooked it in your comment).
I'm not sure it's that useful though. You'd have to use something
like FW_SERVICES_ACCEPT_RELATED_EXT="0/0,tcp" to make it work in a
generic way. ie accept all related packets from everywhere.
Preconfiguring saned to use a specific port range might be better.
And now that I the above config snippet, I remember that we did just
that for the ftp servers. pure-ftpd and vsftpd use 30000-30100 by
default. The same method could be used for saned, provided that it
indeed works like passive ftp on both client and server side. See
for example /etc/sysconfig/SuSEfirewall2.d/services/vsftpd and
/etc/vsftpd.conf from vsftpd
--
Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.