a new question on iptables and port 5353

Paul Allen Newell pnewell at cs.cmu.edu
Sun Mar 25 05:31:23 UTC 2012


To all:

With help from Craig and Reindl, I've understood what happens with the 
automated entry of port 631 for udp/tcp and how to rewrite to not make 
it a world access (in/out) rule. Waiting for next install of F16 to test 
when and how the automated entry happens.

I saw this entry in iptables but decided to wait on asking about it 
until I understood port 631:
+++
-A INPUT -m state --state NEW -m udp -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
+++

I know I didn't add it. From what I can tell, port 224.0.0.251 has to do 
with "multicast DNS". Everything I see about port 5353 involves Macs.

My gut says that, since I have no Macs, this must be something that got 
added when I installed my printer and that CUPS/whatever did a blanket 
automated entry to cover any issues if I had a Mac on my net.

Can anyone tell me if I am right (or, if not, what it really is)? I feel 
I should be able to blast it from iptables without having any problems, 
but want some better minds to comment first.

Thanks,
Paul

