Mailinglist Archive: opensuse-project (73 mails)

< Previous Next >
Re: [opensuse-project] Default Firewall Behavior / SMBclient
  • From: Ludwig Nussel <ludwig.nussel@xxxxxxx>
  • Date: Tue, 6 Oct 2009 13:24:56 +0200
  • Message-id: <20091006132456.3e63f8a9@xxxxxxxxxxxxxx>
Andreas Jaeger wrote:
On Monday 05 October 2009 17:13:35 Jason Perlow wrote:
I don't want to remove the firewall, I think the firewall is good. All
we need is the package installed by default, the services turned on,
and the firewall rule set to permit those ports that the SMB/NMB
protocol and the active directory stuff from SAMBA uses.

Let's open a feature for this (use, I've talked
with some developers and AFAIK it's not trivial to open the firewall to
samba browsing since there's not a single well-known port - and you don't
to open it to the complete internet,


This will not be the default though. If we start doing the we'll end
up having all kinds of things enabled by default (slp, avahi, cups)
just because it's convenient. This is not what the external zone is
intended for and defeats the purpose of the firewall. A separate
zone could be configured with such defaults though. Also, fwzs could
be developed further¹.



(o_ Ludwig Nussel
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
To unsubscribe, e-mail: opensuse-project+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-project+help@xxxxxxxxxxxx

< Previous Next >