I think i need to explain little more about the problem/situation..
Please note i am talking about desktop PC which will be used only by one user (say me).
I want a tool which will alert me(may be by opening a popup window) if some program tries to open a port(it may be a incomming or outgoing connection request)
and it also prompt me for approval.If i approve(by providing su password) connection should be accepted automatically.
Presently i have the following senarion :
1. whenever i am going to execute some program which needs an open port it is dropped silently.
2. Then I am looking into the log and checking which port the program trying to open
3. Then I need to open the port manually from YAST Firewall
4. Then execute the program again
For a desktop PC/laptop user I belive this is too much effort to run a simple IRC/messanger like program.
I also want alert message
1. if some one from a remote machine tries to connect my computer
2. if some one from a remote machine tries to run a port scanner on my ip
Does any one have any idea on how to do this??..I f anyone need any clarification please tell me i will clarify again if needed.
Thanks
Prasun
----- Original Message ----
From: John Andersen
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tuesday, 2009-05-05 at 00:37 +0930, Rodney Baker wrote:
I think what he may be referring to is something like BitTorrent or other uPnP-capable apps. Many DSL-type routers these days support uPnP where BT can punch a hole in the firewall to allow sharing during the period when it is running - when the app closes the firewall should automatically shut off the port again.
Ah, yes. It triggers when it sees certain port going out, and responds by opening certain other ports going in. It may combine with NAT by sending those incoming packets to the computer that "opened" the door in the wall first.
I tried it, and didn't work so well, my router hung. A fixed configuration seems to be more reliable.
Personally, I don't like the idea, but it is out there and it does work. I'm not sure though that openSuse firewall (or iptables generally) supports it though.
No, I have no idea how to implement that. Some clever scripting, perhaps.
- -- Cheers, Carlos E. R.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux)
iEYEARECAAYFAkn/N0QACgkQtTMYHG2NR9WrvwCfccrudU9HE2YgRn3a6yynI1QO 0LgAnjjdntVMxUhUEFzuD86vaga7mkw7 =4VWV -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Shorewall supports UPNP. Shorewall is a far easier to manage and more flexible than Susefirewall. Shorewall is simply a tool for setting up iptables. http://www.shorewall.net/UPnP.html But, I agree with others, UPNP is NOT a good idea. -- ----------JSA--------- Someone stole my tag line, so now I have this rental. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org