Well, that's certainly promising, I'll check it out. Vielen Dank, Simon "You can tell whether a man is clever by his answers. You can tell whether a man is wise by his questions." — Naguib Mahfouz ----- Original Message ----
From: Andreas
To: opensuse@opensuse.org Sent: Thursday, January 1, 2009 5:44:00 PM Subject: Re: [opensuse] saned and firewalls Am Mittwoch, 31. Dezember 2008 10:15:44 schrieb Simon Roberts:
Hi all,
Has anyone used the networked form of sane? I notice that it is seriously firewall unfriendly, opening a data connection on a random port. Since my local network is wireless, it does not suit me to run without a firewall on my machines, so this need for wide-openness really won't work.
It looks like this is currently a fixed part of the behavior of saned right now, but does anyone have a workaround, or patch to make it use a fixed port or anything that would actually work on a firewalled system?
I checked out the current development code from the sane project, and the new default sane.config file seems to indicate that work has been done about the data connections: --------------------------------------------------------- # saned.conf # Configuration for the saned daemon
## Daemon options # Port range for the data connection. Choose a range inside [1024 - 65535]. # Avoid specifying too large a range, for performance reasons. # # ONLY use this if your saned server is sitting behind a firewall. If your # firewall is a Linux machine, we strongly recommend using the # Netfilter nf_conntrack_sane connection tracking module instead. # # data_portrange = 10000 - 10100 ---------------------------------------------------------
For more info, I suggest you ask upstream at http://www.sane-project.org
-- Gruß Andreas -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org