Mailinglist Archive: opensuse-security (224 mails)
| < Previous | Next > |
Re: [suse-security] How to open a protocol with SuSEfirewall2
- From: Miguel Albuquerque <mfoacs@xxxxxxxxxxxxx>
- Date: 09 Feb 2003 17:48:13 +0100
- Message-id: <1044809293.2453.5.camel@xxxxxxxxxxxxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sun, 2003-02-09 at 17:09, T. Ermlich wrote:
> maybe I misunderstood the SuSEfirewall2 describtions, but how to open
a protocol?
> Ports are opened eg. by the lines
> FW_SERVICES_EXT_TCP="..."
> FW_SERVICES_EXT_UDP="..."
> But how to handle protocols?
>
[sniped from /etc/SuSEfirewall2]
# Choice: leave empty or any number of ports, known portnames (from
# /etc/services) and port ranges seperated by a space. Port ranges are
# written like this: allow port 1 to 10 -> "1:10"
# e.g. "", "smtp", "123 514", "3200:3299", "ftp 22 telnet 512:514"
# For FW_SERVICES_*_IP enter the protocol name (like "igmp") or number
("2")
[snip]
ie.:
FW_SERVICES_EXT_TCP="http ftp pop3 smtp ssh 10000"
# Common: domain
FW_SERVICES_EXT_UDP="domain"
# Common: domain
# For VPN/Routing which END at the firewall!!
FW_SERVICES_EXT_IP=""
Peace.
--
"The Man, he is not; he becomes." - NEHER.
.-. e-SecureNet
/v\ We Run SuSE Project Manager
// \\ *The LINUX Experts* c/o Miguel Albuquerque
/( )\ Av. Miremont 46
^^-^^ 1202 - GE, SWITZERLAND
NATEL 079 543 1935
http://counter.li.org Linux user #301007
mailto:mfoacs@xxxxxxxxxxxxx http://mfoacs.e-workshop.ch
----------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Gnome PGP version 0.4
iD8DBQE+RoYYlhxWYRfZRJQRAoDYAJ9QDiV58Ib0dc0ZIkP0vRQhydEfFQCffinn
qwIdCcJCvQn3/6ZfdF5rrB8=
=o1iU
-----END PGP SIGNATURE-----
Hash: SHA1
On Sun, 2003-02-09 at 17:09, T. Ermlich wrote:
> maybe I misunderstood the SuSEfirewall2 describtions, but how to open
a protocol?
> Ports are opened eg. by the lines
> FW_SERVICES_EXT_TCP="..."
> FW_SERVICES_EXT_UDP="..."
> But how to handle protocols?
>
[sniped from /etc/SuSEfirewall2]
# Choice: leave empty or any number of ports, known portnames (from
# /etc/services) and port ranges seperated by a space. Port ranges are
# written like this: allow port 1 to 10 -> "1:10"
# e.g. "", "smtp", "123 514", "3200:3299", "ftp 22 telnet 512:514"
# For FW_SERVICES_*_IP enter the protocol name (like "igmp") or number
("2")
[snip]
ie.:
FW_SERVICES_EXT_TCP="http ftp pop3 smtp ssh 10000"
# Common: domain
FW_SERVICES_EXT_UDP="domain"
# Common: domain
# For VPN/Routing which END at the firewall!!
FW_SERVICES_EXT_IP=""
Peace.
--
"The Man, he is not; he becomes." - NEHER.
.-. e-SecureNet
/v\ We Run SuSE Project Manager
// \\ *The LINUX Experts* c/o Miguel Albuquerque
/( )\ Av. Miremont 46
^^-^^ 1202 - GE, SWITZERLAND
NATEL 079 543 1935
http://counter.li.org Linux user #301007
mailto:mfoacs@xxxxxxxxxxxxx http://mfoacs.e-workshop.ch
----------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Gnome PGP version 0.4
iD8DBQE+RoYYlhxWYRfZRJQRAoDYAJ9QDiV58Ib0dc0ZIkP0vRQhydEfFQCffinn
qwIdCcJCvQn3/6ZfdF5rrB8=
=o1iU
-----END PGP SIGNATURE-----
| < Previous | Next > |