incoming ssh/sftp blocked by iptables
Will Backman
whb at ceimaine.org
Wed Apr 14 20:39:57 UTC 2004
> I would think that the startup script for SSH should
> also punch a hole in iptables in a similar manner.
>
>
> Any comments before I Bugzilla it?
>
This is not a recent change. I think the special case was added because
ntp uses UDP, and it is hard to use a "related" rule to let a response
back in.
You can easily customize the firewall during install.
I guess you could ask "Should we always open up incoming ports for
services being started?". I don't know if this is a good idea for a
default.
More information about the fedora-test-list
mailing list