Mailinglist Archive: opensuse (3506 mails)

< Previous Next >
Re: [SLE] Firewall zones
  • From: Paul Abrahams <abrahams@xxxxxxx>
  • Date: Thu, 28 Sep 2006 00:27:16 +0000 (UTC)
  • Message-id: <200609272027.09650.abrahams@xxxxxxx>
On Wednesday 27 September 2006 7:17 pm, Anders Johansson wrote:
> On Wed, 2006-09-27 at 18:23 -0400, Paul Abrahams wrote:
> > 192.168.0.1/255,tcp,139,udp,137,udp,138
>
> Is 192.168.0.1 an IP address for a single machine, or are you trying to
> define a network here? If it's a single machine, skip the / and just use
> 192.168.0.1. If it's a network, 255 is wrong. The number is the number
> of bits in the netmask, most common is 24, for a network where all the
> computers share the three first numbers
>
> If it is a single machine, the line should look like
>
> 192.168.0.1,tcp,139 192.168.0.1,udp,137 192.168.0.1,udp,138

It's a network, and 192.168.0.0/24 as the value of FW_TRUSTED_NETS did the
trick. That's better than the explicit tcp/udp specification since it
effectively puts that subnet into the internal zone for all services -- just
what I want.

Paul


< Previous Next >