What | Removed | Added |
---|---|---|
Assignee | matthias.gerstner@suse.com | bnc-team-screening@forge.provo.novell.com |
On another computer, I recorded the difference in iptables (iptables -nL). The older working version of susefirewall2 has several extra rules under Chain input_ext (1 references) target prot opt source destination LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW udp dpt:111 LOG flags 6 level 4 prefix "SFW2-INext-ACC-RPC " ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW tcp dpt:111 LOG flags 6 level 4 prefix "SFW2-INext-ACC-RPC " ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW udp dpt:2049 LOG flags 6 level 4 prefix "SFW2-INext-ACC-RPC " ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:2049 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW tcp dpt:2049 LOG flags 6 level 4 prefix "SFW2-INext-ACC-RPC " ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2049 LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW udp dpt:41695 LOG flags 6 level 4 prefix "SFW2-INext-ACC-RPC " ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:41695 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW tcp dpt:45341 LOG flags 6 level 4 prefix "SFW2-INext-ACC-RPC " ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:45341 LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW udp dpt:41695 LOG flags 6 level 4 prefix "SFW2-INext-ACC-RPC " ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:41695 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW tcp dpt:45341 LOG flags 6 level 4 prefix "SFW2-INext-ACC-RPC " ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:45341 LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW udp dpt:34754 LOG flags 6 level 4 prefix "SFW2-INext-ACC-RPC " ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:34754 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW tcp dpt:60251 LOG flags 6 level 4 prefix "SFW2-INext-ACC-RPC " ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:60251 LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW udp dpt:34754 LOG flags 6 level 4 prefix "SFW2-INext-ACC-RPC " ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:34754 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW tcp dpt:60251 LOG flags 6 level 4 prefix "SFW2-INext-ACC-RPC " ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:60251 LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW udp dpt:20048 LOG flags 6 level 4 prefix "SFW2-INext-ACC-RPC " ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:20048 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 ctstate NEW tcp dpt:20048 LOG flags 6 level 4 prefix "SFW2-INext-ACC-RPC " ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:20048