Why are these ports open in iptables on new FC4 install?

Finally upgraded my main system to FC4.  This was a clean install from
CD.  yum update completed over night.  I noticed the following entries
in the iptables rules:

-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

Looked through the release notes and did not see anything related to
ports 5353, 50, 51, or 631.

Why is port 5353 open by default?  From searching around this appears to
have something to do with multicast DNS which seems to be tied to Apple
iTunes.  I don't believe I installed anything that would need access to
Apple iTunes.

I also don't understand why ports 50 and 51 are open.  I don't plan on
setting up a VPN at the moment and I don't know why these would be open
by default on a new install.

I'm also wondering about port 631 being open by default.  I know this is
used for ipp printing but I have not set up this machine to provide print
services yet.

Is there a bugzilla entry on closing these?  Or is there a reason these
ports are left open?  
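
Added example, not part of the original post: a short Python audit of the rules quoted above that separates ACCEPT entries matching an IP protocol (`-p 50` and `-p 51` are the IANA protocol numbers for ESP and AH) from entries matching a TCP/UDP destination port. The function names and the two lookup tables are this example's own and cover only the values in this ruleset.

```python
import shlex
# Rules copied from the post above, with the wrapped lines rejoined.
RULES = """\
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
"""

# Lookup tables limited to the values in this ruleset (IANA assignments).
IP_PROTOCOLS = {"50": "ESP (IPsec)", "51": "AH (IPsec)", "icmp": "ICMP"}
PORTS = {("udp", "5353"): "mDNS", ("udp", "631"): "IPP", ("tcp", "22"): "SSH",
         ("tcp", "80"): "HTTP", ("tcp", "25"): "SMTP"}

def parse_rule(line):  # option -> argument ('' for flags without one)
    tokens, opts, i = shlex.split(line), {}, 0
    while i < len(tokens):
        has_arg = i + 1 < len(tokens) and not tokens[i + 1].startswith("-")
        opts.setdefault(tokens[i], tokens[i + 1] if has_arg else "")
        i += 2 if has_arg else 1
    return opts

def classify(opts):  # (kind, match, meaning) for ACCEPT rules, else None
    if opts.get("-j") != "ACCEPT":
        return None
    proto, port, dst = opts.get("-p"), opts.get("--dport"), opts.get("-d")
    if port:  # -p tcp/udp with --dport: a transport-layer port
        match = f"{proto}/{port}" + (f" dst {dst}" if dst else "")
        return ("port", match, PORTS.get((proto, port), "unknown"))
    if proto:  # -p alone: an IP protocol, by name or number, not a port
        return ("ip-protocol", proto, IP_PROTOCOLS.get(proto, "unknown"))
    if "-i" in opts:
        return ("interface", opts["-i"], "all traffic on this interface")
    return ("state", opts.get("--state", ""), "replies to existing connections")

def audit(ruleset):
    rules = (classify(parse_rule(l)) for l in ruleset.splitlines() if l.strip())
    return [r for r in rules if r]

if __name__ == "__main__":
    print(*audit(RULES), sep="\n")
```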