* Carlos E. R. (robin1.listas@tiscali.es) [030613 13:54]:
Yes, I have:
FW_ALLOW_INCOMING_HIGHPORTS_UDP="DNS domain"
That should work then. It's OK to just open all of the high udp ports though.
(although 1024 might not be really a high port :-? )
It is, the inequality in "ports below than 1024" is strict.
But, during boot, I always see:
Starting Firewall Initialization (phase 3 of 3) <notice>'/etc/init.d/rc5.d/S10cups start' exits with status 0 <notice>/etc/init.d/rc5.d/S11SuSEfirewall2_final start Warning: FW_SERVICE_DNS defined, but no DNS server found running!
I have never botthered about that, because DNS is in fact running (as cache, I'm not interested in serving queries from outside, so it listens only on the internal interface), and anyway, after the modem goes up, the script calls susefirewall again and the rules get reloaded:
It seems like it's doing the right thing. Maybe you have the nameserver bound to 127.0.0.1? -- -ckm