Port 333 is the Texar Security Port and port 113 is the auth port for the ident Authentication Service. These shouldn't be required for YOU. -- Simon Oliver

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Am Donnerstag, 8. August 2002 17:08 schrieb Markus Gaugusch:

On Aug 8, Michael Rauter wrote:

...

Does anybody know, which ports must be open for successful you-update ? I closed all ports and left only the http/s, ftp, ssh, dns ports open. I analyzed the packet trace of my firewall router and see something about port 113 and 333 when starting you.

Can't imagine that, YOU only uses FTP and for some packages (NVidia...) HTTP. FTP is tricky, though - I don't know if it is using active or passive ftp, but 113 and 333 should NOT be related to YOU in any way.

Port 113 is the ident (or auth) service. Many ftp servers start ident requests on connect; if this is "DENY"ed in the firewall, the connection has to time out on the server, which may take a while. YOU probably will work if you just take your time to drink a coffee in the meantime. Thus, you should REJECT --reject-with tcp-reset connections to port 113: for chain in INPUT OUTPUT FORWARD ; do iptables -I $chain -p tcp --destination-port 113 -j REJECT \ --reject-with tcp-reset done Don't know about port 333, though. Markus, fou4s will have the same problem in this case. Regards, Bastian PS: A couple of IRC servers will show similar behaviour as ftp servers; you may want to reject some more ports the way described above if you regularly connect to the IRC. - -- Bastian Friedrich bastian@bastian-friedrich.de Adress & Fon available on my HP http://www.bastian-friedrich.de/ \~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\ \ The future isn't what it used to be. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9UoyVlbo7EtEt1mYRAiDUAJ41a1nGg11+50IcQ2KgzGz5JpGg4ACghiOS bq0rJW1wlXAqx5GzmYHKG5Y= =bR62 -----END PGP SIGNATURE-----

Hi Thanks for your replys. But it seems to be more ports involved. I try to update from ftp.gwdg.de with YOU on a suse 7.2 box. My bintec x1200 router logs the following lines on YOU connect. The IP 80.128.1.82 is the temporary IP of the router after DSL connect. The IP 192.168.222.11 is the IP of the SuSE 7.2 box Any ideas ? Regards Michael Rauter ----------------------------------------------------------------------- Aug 9 10:51:01 isdn2 INET: NAT: refused incoming session on ifc 10008 prot 6 80.128.1.82:113 <- 134.76.11.100:49693 Aug 9 10:51:01 isdn2 INET: 0000: 45 00 00 3c e9 6f 40 00 38 06 75 ca 86 4c 0b 64 Aug 9 10:51:01 isdn2 INET: 0010: 50 80 01 52 c2 1d 00 71 6b 1f 42 6c 00 00 00 00 Aug 9 10:51:01 isdn2 INET: 0020: a0 02 16 d0 29 e1 00 00 02 04 05 b4 04 02 08 0a Aug 9 10:51:01 isdn2 INET: 0030: 08 b6 ab 03 00 00 00 00 01 03 03 00 Aug 9 10:51:02 isdn2 INET: refuse from if 10008 prot 6 134.76.11.100:49704->192.168.222.11:34126 (RI 16 FI 7) Aug 9 10:51:02 isdn2 INET: 0000: 45 00 00 3c 00 00 40 00 38 06 5f 3a 86 4c 0b 64 Aug 9 10:51:02 isdn2 INET: 0010: c0 a8 de 0b c2 28 85 4e 6b 4c 2b e1 6d 59 89 c7 Aug 9 10:51:02 isdn2 INET: 0020: a0 12 16 a0 84 ed 00 00 02 04 05 ac 04 02 08 0a Aug 9 10:51:02 isdn2 INET: 0030: 08 b6 ab 66 00 8c f1 9e 01 03 03 00 -------------------------------------------------------------------

Hi I tried the fou4s Package and it works perfect :-) Thanks again for your replies Regards Michael Rauter