Mailinglist Archive: opensuse (770 mails)

< Previous Next >
Re: [opensuse] Router firewall vs openSUSE firewall
On 29/08/12 01:00, John Andersen wrote:
On 8/28/2012 3:29 AM, Bob Williams wrote:

My system is openSUSE 12.1 running KDE 4.9 behind a NAT router (Draytek
2800v) which incorporates its own configurable firewall.

I'm also running a minidlna server linked through the router to my
Blueray player. When I disable the openSUSE firewall, I can browse the
directories on my computer from the TV and view/play media files. If I
enable the openSUSE firewall, the server is not seen.

Is it safe to rely on the router firewall alone, combined with NAT,
always accepting that safety is a relative term?

Conversely, has anyone successfully set up minidlna through the openSUSE
firewall, and if so, what settings did you use?


Bob: You really don't need a firewall in opensuse, because you don't have
a ton of ports open, over which you have no control. If there is nothing
listening on a port, you aren't going to have any issues with people trying
to connect. Simply controlling what is listening is sufficient.

I run both ssh and rsync servers, protected by key pairs.

However, if you are a belt and suspenders man, you can configure the
suse firewall to pass DLNA data.

There is a applet in Yast2 that lets you configure the firewall, so you
can allow DLNA.
You need to open ports on the firewall using the configuration tool in
as indicated at the bottom of that page.

Bear in mind that you may want to turn off upnp on the router
because some Dlan devices will use upnp to open ports to the public
side of your router.

I tried doing it with the YaST tool, but found it didn't work. I now
have it set up by following instructions from Togan Muftuoglu in the
other half of this thread.


Bob Williams
System: Linux 3.1.10-1.16-desktop
Distro: openSUSE 12.1 (x86_64) with KDE Development Platform: 4.9.00
"release 555"
Uptime: 06:00am up 15:53, 1 user, load average: 0.10, 0.12, 0.44
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >