Am Mittwoch, 24. September 2008 schrieb Ludwig Nussel:
Jan Ritzerfeld wrote:
However, the strange part for me is that "avahi-resolve -n KY623B6B.local" works fine. The summary of nss-mdns tells me that it would use a running avahi deamon. I have a avahi deamon running, but nss-mdns tries to resolve the name via mdns by itself. And failes, because of the firewall.
try "echo mdns off >> /etc/host.conf". There is a patch in glibc that make glibc itself resolve the .local zone instead of using nss_mdns.
Oh, I assumed that this patch was replaced/obsoleted by nss-mdns. Wouldn't it be a good idea either to add "mdns off" when installing nss-mdns automatically, or to remove the glibc patch?
[...] You could use FW_TRUSTED_NETS or FW_SERVICES_ACCEPT_EXT to allow only the IP range of your LAN. [...]
You convinced me of adding my internal IP range to FW_TRUSTED_NETS. :) Gruß Jan -- Les États-Unis d'Amérique forment un pays qui est passé directement de la barbarie à la décadence, sans jamais avoir connu la civilisation. -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org