Firewall
Miloslav Trmač
mitr at volny.cz
Mon Dec 6 20:25:05 UTC 2010
Tomasz Torcz píše v Po 06. 12. 2010 v 21:01 +0100:
> Yeah, general discovery. From the top of my head:
> - Pulseaudio sinks and sources
> - libvirt instances for virt-manager
> - VNC desktops for Vinagre
> - local web pages (think SOHO router config page) for zeroconf
> enabled Webbrowsers like Epiphany
> - remote disk management (udisks)
> - local FTP sites and WebDAV shares shown in nautilus places
>
> And this is all blocked by default Fedora firewall settings (5353/udp).
These really sound like something that "should" be caught by the default
"enable related packets" rule - if the kernel sees an outgoing mDNS
request, it temporarily enables replies to the same port. If the kernel
doesn't do this already, teaching this to the kernel soulds like the
cleanest solution.
Mirek
More information about the devel
mailing list