Mailinglist Archive: opensuse-security (343 mails)

< Previous Next >
Susefirewall & BIND 9
  • From: "Manfred Meerkoetter" <meerkoetter@xxxxxxxxxxxxxx>
  • Date: Wed, 11 Jul 2001 15:01:10 +0200
  • Message-id: <200107111301.PAA05825@xxxxxxxxxxxxxxxxx>
Hi

I use a box with suse linux 7.1 and kernel 2.2.x to connect a small
network via DSL to the internet. I use the SuSEfirwall script in
version 4.3 and it works fine. The problem is named when I install
named as caching-only nameserver and have the option
FW_AUTOPROTECT_GLOBAL_SERVICES = "yes" in my
firewall.rc.config the script will generate a rule to block the high-port
on which named is expecting the answer.

I have set FW_ALLOW_INCOMING_HIGHPORTS_UTP = "yes",
but the rule to block the port is generated before the ACCEPT 1024-
65355 rule.

What's my mistake ?

Greeting
Manfred Meerk├Âtter

G├Ânnheimer Elektronic GmbH
Dr. Julius Leber Str. 2
67433 Neustadt
Tel. 06321/49919-13
Fax. 06321/49919-41

< Previous Next >
Follow Ups