Hi folks, I would like to set up a firewall using the firewals 1.4-6 packet on a 2.2.14 kernel. My problem is, that I want to use nameserver services from the (insecure) internet and time server services. For the time servers, I have to have an open UDP port 1026 for incoming UDP connections. If I set FW_UDP_ALLOW_INCOMING_HIGHPPORTS = "dns 1026" I get error messages, which are caused by a special handling of the string 'dns' in the script. Up to now, the only solution I have found is to set that variable to 'yes', but that opens all my high UDP ports, and would really prefer to have only those ports open, which I really need. Is there a better solution available? Jürgen btw., it would have been nice, if the article in SuSE's support data base would mention, that the firewall script has to be restarted each time a new dial up connection has been made :-))
Hi Jürgen,
Ithink you have to use "domain" instead of "dns" or "53". I hope, this will
help!
regards
Rainer
----- Original Message -----
From: "Jürgen Mell"
Hi folks,
I would like to set up a firewall using the firewals 1.4-6 packet on a 2.2.14 kernel. My problem is, that I want to use nameserver services from the (insecure) internet and time server services. For the time servers, I have to have an open UDP port 1026 for incoming UDP connections. If I set FW_UDP_ALLOW_INCOMING_HIGHPPORTS = "dns 1026" I get error messages, which are caused by a special handling of the string 'dns' in the script. Up to now, the only solution I have found is to set that variable to 'yes', but that opens all my high UDP ports, and would really prefer to have only those ports open, which I really need. Is there a better solution available?
Jürgen
btw., it would have been nice, if the article in SuSE's support data base would mention, that the firewall script has to be restarted each time a new dial up connection has been made :-))
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
participants (2)
-
E_u_R_Frohne@t-online.de
-
J�rgen Mell