Am Do, den 07.07.2005 schrieb Steve Croteau um 22:13: > Alexander, > I ran the following and got this output. > Chain RH-Firewall-1-INPUT (2 references) > target prot opt source destination > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 > ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255 > ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0 > ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0 > ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353 > ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631 UDP port 631 is open > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state > RELATED,ESTAB LISHED > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp > dpt:6 31 > ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp > dpt:6 31 Those 2 rules above look strange: is that <space> a result of mail pasting? > REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with > icmp-ho st-prohibited Did you hand edit the iptables rules file? I don't understand why the first UDP port 631 rule matches all states and then a second rule for port 631 UDP is for state NEW only. Does not do any harm but looks not like generated by system-config-securitylevel. Alexander -- Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp Serendipity 22:28:36 up 12 days, 5:20, load average: 0.11, 0.22, 0.17
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil