[Bug 510248] New: SuSEFirewall should include sensible presets for UPNP servers
http://bugzilla.novell.com/show_bug.cgi?id=510248 Summary: SuSEFirewall should include sensible presets for UPNP servers Classification: openSUSE Product: openSUSE 11.2 Version: Factory Platform: All OS/Version: Other Status: NEW Severity: Enhancement Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: bugzilla@go4more.de QAContact: qa@suse.de Found By: --- User-Agent: Mozilla/5.0 (compatible; Konqueror/4.2; Linux; de, en-US, en) KHTML/4.2.88 (like Gecko) SUSE At the moment you cannot easily run a media server like MediaTomb or Twonky on a openSUSE box, as the firewall blocks the relevant ports. Even if the network interface is configured as "internal zone", in which case all traffic is allegedly allowed, this is not changed Solution is to add custom rules for UDP port 1030 and TCP ports 1900, 9080 and 9000. As UPNP servers are pretty standard nowadays, there should be the following changes in the firewall setup: - For network devices assigned to the internal zone, all these ports should be usable (the description of the firewall - all traffic allowed - obviously misleading already implies that) - For network devices of the external zone there shoulfd be an rule preset for this usage. Reproducible: Always Steps to Reproduce: 1. 2. 3. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=510248
Marcus Meissner
http://bugzilla.novell.com/show_bug.cgi?id=510248
User lnussel@novell.com added comment
http://bugzilla.novell.com/show_bug.cgi?id=510248#c1
Ludwig Nussel
User-Agent: Mozilla/5.0 (compatible; Konqueror/4.2; Linux; de, en-US, en) KHTML/4.2.88 (like Gecko) SUSE
At the moment you cannot easily run a media server like MediaTomb or Twonky on a openSUSE box, as the firewall blocks the relevant ports.
Those packages should install a service file for SuSEfirweall2 that specifies the relevant ports. See http://en.opensuse.org/SuSEfirewall2/Service_Definitions_Added_via_Packages So you need to file bugs for the maintainers of those packages.
Even if the network interface is configured as "internal zone", in which case all traffic is allegedly allowed, this is not changed
Impossible :-) Please attach the output of "SuSEfirewall2 status". -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=510248
User bugzilla@go4more.de added comment
http://bugzilla.novell.com/show_bug.cgi?id=510248#c2
Alex Müller
http://bugzilla.novell.com/show_bug.cgi?id=510248
User bugzilla@go4more.de added comment
http://bugzilla.novell.com/show_bug.cgi?id=510248#c3
--- Comment #3 from Alex Müller
http://bugzilla.novell.com/show_bug.cgi?id=510248
User lnussel@novell.com added comment
http://bugzilla.novell.com/show_bug.cgi?id=510248#c4
Ludwig Nussel
http://bugzilla.novell.com/show_bug.cgi?id=510248
User bugzilla@go4more.de added comment
http://bugzilla.novell.com/show_bug.cgi?id=510248#c5
--- Comment #5 from Alex Müller
http://bugzilla.novell.com/show_bug.cgi?id=510248
User bugzilla@go4more.de added comment
http://bugzilla.novell.com/show_bug.cgi?id=510248#c6
--- Comment #6 from Alex Müller
participants (1)
-
bugzilla_noreply@novell.com