Hi, A new functionality "Ports for SuSEfirewall added via packages" (FATE #300687) has been added to YaST in openSUSE 10.3. Of course, this functionality needed to be implemented in SuSEfirewall2 first (since openSUSE 10.2 thanks to Ludwig). So what is it all about and why am I writing about it to this mailing-list? In older versions of YaST Firewall, there was a hard-coded list of so called "Known Services" (e.g., Samba Server or DNS Server) with defined ports to be open in firewall but this list didn't reflect the current state of installed packages and it was a pain to add a new service there. What the current solution offers? * Only installed services are offered in YaST Firewall to be open. * Abstraction layer for SuSEfirewall2 that increases the security. * Solved conflicting services - lighthttpd vs. apache2, nfs vs. nis. * No need for hard-coded and not-maintained static list. More detailed information: http://en.opensuse.org/SuSEfirewall2/Service_Definitions_Added_via_Packages Some of you have been already assigned to a bugzilla enhancement, that requests adding such configuration file into your packages and more will probably come. PS: Just a small change for using these services in YaST. Using the hard-coded list is an obsolete functionality but still remains the same, for using the new definition of services, you need to identify the service by "service:${service-id}". Thanks & Bye Lukas -- Lukas Ocilka, YaST Developer (xn--luk-gla45d) ----------------------------------------------------------------- SUSE LINUX, s. r. o., Lihovarska 1060/12, Praha 9, Czech Republic