-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 2009-05-06 at 19:25 -0000, Jim Henderson wrote:
Have you ever used a product like ZoneAlarm on Windows? That's the model they're talking about, and it's very good because it puts the user in control and gives the user information.
It is a model that, AFAIK, can not be ported to Linux, simple as that. See my other mail for "why".
I saw your post, but I disagree with the logic behind your reasons.
For one thing, you assert that one Linux app can never know what port another has opened (correct me if I've misread this). Try "lsof -i" on your system sometime.
Yes, that's possible. But the packets are not linked to apps, the firewall doesn't know from which app a packet comes from (unless the packet is previously "marked"). Plus, the SuSEfirewall2 does not block outgoing packets, meaning that an application can freely send packets outside, even binding to a port for incoming packets. What the firewall will not be able to determine is that, an incoming packet from the outside is in fact meant for that application. It can be assumed, but not known, as it comes from outside. Thus the popup message given in Windows is not possible here, the firewall works very differently. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkoB58IACgkQtTMYHG2NR9Wn4ACePb+mSQgyDDMWgBeI9Y/xKb3n yCIAnRMDVme5PfnoI+tggs9+ihgnu1Vd =6u2v -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org