Need More iptable Rules

Tim ignored_mailbox at yahoo.com.au
Thu Aug 25 14:51:03 UTC 2005


Tim:

>> Otherwise, you can use the (security level) GUI tool, and just add in
>> the ports you want to trust.

Greg Swallow

> Ok, in Desktop> System Settings> Security Level Configuration and it
> wants 'port:protocol, port:protocol.' I have port 631 for ipp; i.e.  
> Internet Printing Protocol and port 548 for afp; i.e. AppleShare. but
> Fedora will not take ipp or afp as protocols. 

Not quite the way it works.  In there, "protocol" meaning as in using
TCP or UDP with that port.

e.g. 631:tcp, 548:tcp, 548:udp

Theoretically, I'd expect that I could specify ipp:tcp, and let the
system work out what port number to use for IPP services
(using /etc/services as its mapping file), and use TCP with it.

You'll want to find out whether afp uses TCP or UDP, rather than allow
both (unless both protocols are needed).

-- 
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.




More information about the fedora-list mailing list