On Thu, Apr 04, 2013 at 01:31:35PM +0200, Togan Muftuoglu wrote:
> On 04/04/2013 01:19 PM, Marcus Meissner wrote:
> > remove it from the generic FW_SERVICES_EXT_TCP line, and add to the FW_SERVICES_ACCEPT_EXT line: something like the ssh example:
> >
> > FW_SERVICES_ACCEPT_EXT="0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh"
>
> Been there already, does not work, and of course EXT_UDP is not including 5060 :(
>
> FW_SERVICES_ACCEPT_EXT="0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh 0/0,udp,5060,,hitcount=3,blockseconds=180,recentname=voip"

Is this two lines or one?

I just tried to block zeroconf:

FW_SERVICES_ACCEPT_EXT="0/0,udp,5353,,hitcount=3,blockseconds=180,recentname=zeroconf"

dmesg|grep 5353 gives e.g. entries like:

[1392831.200160] SFW2-INext-DROPr IN=eth0 OUT= MAC=01:00:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:SRC=<ip> DST=224.0.0.251 LEN=64 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=44

"SFW2-INext-DROPr" is the drop target.

Ciao, Marcus
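
The check discussed in this thread, as an added example that is not part of the original messages: it parses a FW_SERVICES_ACCEPT_EXT assignment into its space-separated rules (a second assignment line would override the first, which is what the "two lines or one" question is about) and counts SFW2-INext-DROPr log lines per rule. The function names, sample config and sample log lines are constructed for illustration and assume the log layout shown above.

```python
import re
import shlex
from collections import Counter

# Constructed sample: both rules from the thread in ONE assignment, entries
# separated by a space. A second assignment line would override the first.
SAMPLE_CONFIG = (
    'FW_SERVICES_ACCEPT_EXT="0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh '
    '0/0,udp,5060,,hitcount=3,blockseconds=180,recentname=voip"\n'
)

# Constructed kernel log lines modelled on the one in the thread
# (192.0.2.x and 198.51.100.x are documentation addresses).
SAMPLE_LOG = """\
[100.000001] SFW2-INext-DROPr IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=64 PROTO=UDP SPT=5060 DPT=5060 LEN=44
[101.000001] SFW2-INext-DROPr IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=64 PROTO=UDP SPT=5060 DPT=5060 LEN=44
[102.000001] SFW2-INext-DROPr IN=eth0 OUT= SRC=192.0.2.77 DST=224.0.0.251 LEN=64 PROTO=UDP SPT=5353 DPT=5353 LEN=44
"""

def parse_accept_ext(config_text):
    """Parse the effective FW_SERVICES_ACCEPT_EXT value into rule dicts."""
    value = ""
    for line in config_text.splitlines():
        line = line.strip()
        if line.startswith("FW_SERVICES_ACCEPT_EXT="):
            parts = shlex.split(line.split("=", 1)[1], comments=True)
            value = parts[0] if parts else ""  # last assignment wins, as in shell
    rules = []
    for entry in value.split():
        # Layout used in the thread: net,proto,dport,sport,flag=value,...
        fields = entry.split(",") + [""] * 4
        net, proto, dport, sport = fields[:4]
        flags = dict(f.split("=", 1) for f in fields[4:] if "=" in f)
        rules.append({"net": net, "proto": proto.lower(), "dport": dport,
                      "sport": sport, **flags})
    return rules

def drops_per_rule(rules, log_text):
    """Count SFW2-INext-DROPr log lines matching each rule's proto and port."""
    seen = Counter()
    for line in log_text.splitlines():
        if "SFW2-INext-DROPr" not in line:
            continue
        kv = dict(re.findall(r"\b([A-Z]+)=(\S+)", line))
        seen[(kv.get("PROTO", "").lower(), kv.get("DPT", ""))] += 1
    return {r.get("recentname", r["dport"]): seen[(r["proto"], r["dport"])]
            for r in rules}
```

A count of zero for a rule while traffic to that port is known to arrive means the rule is not producing drops, which matches the symptom reported for port 5060.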