a new question on iptables and port 5353

Anthony Messina amessina at messinet.com
Sun Mar 25 07:51:56 UTC 2012


On 03/25/2012 12:31 AM, Paul Allen Newell wrote:
> To all:
> 
> With help from Craig and Reindl, I've understood what happens with the
> automated entry of port 631 for udp/tcp and how to rewrite to not make
> it a world access (in/out) rule. Waiting for next install of F16 to test
> when and how the automated entry happens.
> 
> I saw this entry in iptables but decided to wait on asking about it
> until I understood port 631:
> +++
> -A INPUT -m state --state NEW -m udp -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
> +++
> 
> I know I didn't add it. From what I can tell, port 224.0.0.251 has to do
> with "multicast DNS". Everything I see about port 5353 involves Macs.
> 
> My gut says that, since I have no Macs, this must be something that got
> added when I installed my printer and that CUPS/whatever did a blanket
> automated entry to cover any issues if I had a Mac on my net.
> 
> Can anyone tell me if I am right (or, if not, what it really is)? I feel
> I should be able to blast it from iptables without having any problems,
> but want some better minds to comment first.
> 
> Thanks,
> Paul

This is for avahi-daemon - multicast DNS.

-- 
Anthony - http://messinet.com - http://messinet.com/~amessina/gallery
8F89 5E72 8DF0 BCF0 10BE 9967 92DC 35DC B001 4A4E
