Dave Howorth wrote:
Rui Santos wrote:
Now you have two options:
1) Use Yast -> Security and Users -> Firewall -> Custom Rules -> Firewall Zone: Internal -> Add a source 192.168.0.4 with UDP protocol with source port 127.
2) Place FW_SERVICES_ACCEPT_INT="192.168.0.4,udp,,127" in /etc/sysconfig/SuSEfirewall2 and restart your SuSE firewall with rcSuSEfirewall2 restart
It's a long while since I did anything like this ... but doesn't that open the proxy to attack on any other udp port, as long as the attacker uses port 127 on his machine? IIRC one solution is to match the incoming packet against the original outgoing one. Does SuSEfirewall have that sort of capability, or some alternative?
I don't think so. The firewall will only accept packets originating from IP 192.168.0.4. All other IPs are rejected/dropped... The syntax is "SOURCE_IP,PROTOCOL,DPORT,SPORT"
Cheers, Dave
--
Rui Santos
http://www.ruisantos.com/
Veni, vidi, Linux!
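As an added illustration (not part of the original messages and not SuSEfirewall2 code), the sketch below models the four-field "SOURCE_IP,PROTOCOL,DPORT,SPORT" syntax quoted in the thread and evaluates the rule against a few constructed packets. It assumes an empty field places no constraint on that value and handles only single numeric ports; the destination port 3128 in the narrowed rule and all sample packets are constructed.

```python
from ipaddress import ip_address, ip_network
from typing import NamedTuple, Optional

class AcceptRule(NamedTuple):
    source: object          # network the packet must originate from
    protocol: str
    dport: Optional[int]    # None = destination port not constrained (assumption)
    sport: Optional[int]    # None = source port not constrained (assumption)

class Packet(NamedTuple):
    src: str
    protocol: str
    sport: int
    dport: int

def _port(field: str) -> Optional[int]:
    if field == "":
        return None
    port = int(field)
    if not 0 < port < 65536:
        raise ValueError(f"port out of range: {field}")
    return port

def parse_rule(text: str) -> AcceptRule:
    """Parse one 'SOURCE_IP,PROTOCOL,DPORT,SPORT' entry (numeric ports only)."""
    fields = [f.strip() for f in text.split(",")]
    if not 2 <= len(fields) <= 4 or not fields[0] or not fields[1]:
        raise ValueError(f"malformed rule: {text!r}")
    fields += [""] * (4 - len(fields))
    return AcceptRule(ip_network(fields[0]), fields[1].lower(),
                      _port(fields[2]), _port(fields[3]))

def accepts(rule: AcceptRule, pkt: Packet) -> bool:
    return (ip_address(pkt.src) in rule.source
            and pkt.protocol.lower() == rule.protocol
            and rule.dport in (None, pkt.dport)
            and rule.sport in (None, pkt.sport))

THREAD_RULE = parse_rule("192.168.0.4,udp,,127")        # rule from the thread
NARROWED_RULE = parse_rule("192.168.0.4,udp,3128,127")  # constructed: DPORT filled in

SAMPLE_PACKETS = [                                      # constructed test traffic
    Packet("192.168.0.4", "udp", 127, 3128),
    Packet("192.168.0.4", "udp", 127, 53),    # same host and sport, other dport
    Packet("192.168.0.4", "udp", 5000, 3128), # wrong source port
    Packet("10.0.0.9", "udp", 127, 3128),     # wrong source address
    Packet("192.168.0.4", "tcp", 127, 3128),  # wrong protocol
]

def verdicts(rule: AcceptRule) -> list:
    return [accepts(rule, p) for p in SAMPLE_PACKETS]
```

Under these assumptions the rule from the thread accepts the first two packets, while the narrowed rule accepts only the first; the check is on header fields only and says nothing about whether the source address is genuine.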