Malte Gell wrote:
in SuSEfirewall2 there is a comment that FW_ALLOW_INCOMING_HIGHPORTS_TCP is now deprecated...
I need this option set to "yes" on my server to be able to use my network scanner. If this option becomes obsolete, how the heck do I allow incoming high ports in the future?
see description of data_portrange in man saned
Finally, why are high ports blocked? Does this makes sense to block more than privileged ports?
Does it make sense to run a firewall if you open almost all ports anyways? Also saned clearly is a service for the LAN, which means internal zone ie no filtering at all. If you need to open saned to the internet ie the external zone your setup is probably flawed. cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org