Mailinglist Archive: opensuse-project (73 mails)

< Previous Next >
Re: [opensuse-project] Default Firewall Behavior / SMBclient
  • From: Ludwig Nussel <ludwig.nussel@xxxxxxx>
  • Date: Tue, 6 Oct 2009 13:24:56 +0200
  • Message-id: <20091006132456.3e63f8a9@xxxxxxxxxxxxxx>
Andreas Jaeger wrote:
On Monday 05 October 2009 17:13:35 Jason Perlow wrote:
I don't want to remove the firewall, I think the firewall is good. All
we need is the package installed by default, the services turned on,
and the firewall rule set to permit those ports that the SMB/NMB
protocol and the active directory stuff from SAMBA uses.

Let's open a feature for this (use http://features.opensuse.org), I've talked
with some developers and AFAIK it's not trivial to open the firewall to
enable
samba browsing since there's not a single well-known port - and you don't
want
to open it to the complete internet,

FW_CONFIGURATIONS_EXT="samba-client"

This will not be the default though. If we start doing the we'll end
up having all kinds of things enabled by default (slp, avahi, cups)
just because it's convenient. This is not what the external zone is
intended for and defeats the purpose of the firewall. A separate
zone could be configured with such defaults though. Also, fwzs could
be developed further¹.

cu
Ludwig

[1] http://lizards.opensuse.org/2009/08/28/firewall-zone-switcher-updated/

--
(o_ Ludwig Nussel
//\
V_/_ http://www.suse.de/
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
--
To unsubscribe, e-mail: opensuse-project+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-project+help@xxxxxxxxxxxx

< Previous Next >