Mailinglist Archive: opensuse-security (555 mails)
| < Previous | Next > |
Re: [suse-security] Message Log Question
- From: "Martin Brecher" <m.brecher@xxxxxxx>
- Date: Wed, 09 May 2001 16:06:50 +0200
- Message-id: <14xUao-0y2i6iC@xxxxxxxxxxxxxxxxxxxxxxx>
>So, in my firewall script I have no possibility to decide if an incoming packet to a port
>in this range is to be allowed or not. If I have seperate port ranges for local and
>masqueraded connection, this decision can be based on the port range. OTOH, I don't
>know if a program cannot be told to use a port outside the local portrange. I suppose
>it can, in which case this discussion would be somewhat useless.
When using ssh as root it used <1024 when I tried.
That's quite nice because so root connection attempts from the firewall
are denied automatically by my chains.
- Martin
---
The Internet was invented as a highly dependable, high-speed, distributed, secure, and powerful network so that
in the event of a nuclear crisis, military officials would always have access to pornography.
>in this range is to be allowed or not. If I have seperate port ranges for local and
>masqueraded connection, this decision can be based on the port range. OTOH, I don't
>know if a program cannot be told to use a port outside the local portrange. I suppose
>it can, in which case this discussion would be somewhat useless.
When using ssh as root it used <1024 when I tried.
That's quite nice because so root connection attempts from the firewall
are denied automatically by my chains.
- Martin
---
The Internet was invented as a highly dependable, high-speed, distributed, secure, and powerful network so that
in the event of a nuclear crisis, military officials would always have access to pornography.
| < Previous | Next > |