Hi Jürgen, Ithink you have to use "domain" instead of "dns" or "53". I hope, this will help! regards Rainer ----- Original Message ----- From: "Jürgen Mell" To: Sent: Friday, January 28, 2000 9:04 AM Subject: [suse-security] SuSE firewall script + UDP ports

Hi folks,

I would like to set up a firewall using the firewals 1.4-6 packet on a 2.2.14 kernel. My problem is, that I want to use nameserver services from the (insecure) internet and time server services. For the time servers, I have to have an open UDP port 1026 for incoming UDP connections. If I set FW_UDP_ALLOW_INCOMING_HIGHPPORTS = "dns 1026" I get error messages, which are caused by a special handling of the string 'dns' in the script. Up to now, the only solution I have found is to set that variable to 'yes', but that opens all my high UDP ports, and would really prefer to have only those ports open, which I really need. Is there a better solution available?

Jürgen

btw., it would have been nice, if the article in SuSE's support data base would mention, that the firewall script has to be restarted each time a new dial up connection has been made :-))

--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com