SuSEfirewall2 3.4 seems to have a big hole
Hi, older versions of SuSEfirewall2 used to have this setting: # Do you want to autoprotect all running network services on the firewall? FW_AUTOPROTECT_SERVICES="yes" but it's missing in 3.4 which comes with suse 10.0. So I have to actively close all high ports which have something running on them which I dont want to be accessible from the internet, but I do need the high ports open. Is there any way to get that old AUTOPROTECT_SERVICES setting bk (or emulated)? bye, MH -- gpg key fingerprint: 5F64 4C92 9B77 DE37 D184 C5F9 B013 44E7 27BD 763C
Mathias Homann wrote:
older versions of SuSEfirewall2 used to have this setting: # Do you want to autoprotect all running network services on the firewall? FW_AUTOPROTECT_SERVICES="yes"
but it's missing in 3.4 which comes with suse 10.0. So I have to actively close all high ports which have something running on them which I dont want to be accessible from the internet, but I do need the high ports open.
Why do you need the whole high port range open? cu Ludwig -- (o_ Ludwig Nussel //\ SUSE LINUX Products GmbH, Development V_/_ http://www.suse.de/
Am Samstag, 4. November 2006 12:39 schrieb Ludwig Nussel:
Mathias Homann wrote:
older versions of SuSEfirewall2 used to have this setting: # Do you want to autoprotect all running network services on the firewall? FW_AUTOPROTECT_SERVICES="yes"
but it's missing in 3.4 which comes with suse 10.0. So I have to actively close all high ports which have something running on them which I dont want to be accessible from the internet, but I do need the high ports open.
Why do you need the whole high port range open?
for incoming irc DCC (or so i thought). But after trying it out with the irc tracking modules loaded, and highports NOT open, DCC still works... But anyways, the autoprotect_services feature was useful, why is it gone, and when will it be back? bye, MH
participants (2)
-
Ludwig Nussel -
Mathias Homann