Mailinglist Archive: opensuse-security (375 mails)

< Previous Next >
Re: [suse-security] still problems with SuSEfirewall2 rules
  • From: Jammer <Jammer@xxxxxx>
  • Date: Thu, 26 Sep 2002 17:41:43 +0200
  • Message-id: <8416441652.20020926174143@xxxxxx>
Guten Tag Andreas Meier,

Am Donnerstag, 26. September 2002 um 15:38 schrieben Sie:

AM> Hi all,

AM> i am using Suse 8.0 with the default SuSEfirewall2 settings.

AM> i add this rule into my SuSEfirewall2 script ( with advice from
AM> jammer, many thanks for quick response )

AM> FW_FORWARD_MASQ="0.0.0.0/0,192.168.0.4,tcp,4662 0.0.0.0/0,192.168.0.4,udp,4665"


AM> and i get this one

AM> Sep 26 15:33:18 keeper kernel: SuSE-FW-DROP-DEFAULT IN=eth1 OUT= MAC=00:60:9
AM> 7:be:66:08:00:05:5f:ee:10:8c:08:00 SRC=217.83.108.173 DST=62.194.178.214 LEN=78
AM> TOS=0x00 PREC=0x00 TTL=118 ID=39213 PROTO=UDP SPT=1464 DPT=137 LEN=58
AM> Sep 26 15:33:22 gatekeeper kernel: SuSE-FW-DROP-DEFAULT IN=eth1 OUT= MAC=00:60:9
AM> 7:be:66:08:00:05:5f:ee:10:8c:08:00 SRC=217.83.108.173 DST=62.194.178.214 LEN=78
AM> TOS=0x00 PREC=0x00 TTL=118 ID=51501 PROTO=UDP SPT=1464 DPT=137 LEN=58


AM> Thanks

I think that has nothing to to with the 'edonkey'-Rule:
Your Firewall is dropping UDP Packets to Destiabtion-Port 137, thats
Netbios, so your Windows shares..
I think its a good Idea not to have anyone accessing Netbios from Outside world.

So don't Panic..
do you get a High Donkey ID now?




--
"The axiom 'An honest man has nothing to fear from the police'
is currently under review by the Axiom Review Board" -- Terry Prachett, "Men At Arms"


< Previous Next >
This Thread
References