"Workstation" Product defaults to wide-open firewall
Bastien Nocera
bnocera at redhat.com
Mon Dec 8 09:51:20 UTC 2014
----- Original Message -----
>
> Am 08.12.2014 um 09:38 schrieb Paul Howarth:
> > FWIW, this is mentioned in the release notes:
> >
> > http://docs.fedoraproject.org/en-US/Fedora/21/html/Release_Notes/sect-Products.html#Products-Workstation
> >
> > 2.3.3. Developer oriented firewall
> >
> > Developers often run test servers that run on high numbered ports, and
> > interconnectivity with many modern consumer devices also requires these
> > ports. The firewall in Fedora Workstation, firewalld, is configured to
> > allow these things.
> >
> > Ports numbered under 1024, with the exceptions of
> > sshd and clients for samba and DHCPv6, are blocked to prevent access to
> > system services. Ports above 1024, used for user-initiated
> > applications, are open by default.
>
> WTF - "developer oriented firewall" on workstation?
>
> i doubt it is smart that by default my running Eclipse
> accepts incoming connections from the WAN (that i am
> paied for IT security prevents that but only here)
>
> tcp 0 0 0.0.0.0:20080 0.0.0.0:*
> LISTEN 8669/java
>
> tcp 0 0 0.0.0.0:10137 0.0.0.0:*
> LISTEN 8669/java
>
> tcp 0 0 0.0.0.0:9000 0.0.0.0:*
> LISTEN 8669/java
>
> udp 0 0 0.0.0.0:4321 0.0.0.0:*
> 8669/java
That's an Eclipse bug, surely.
More information about the devel
mailing list