[Techtalk] Firewall settings

Carla Schroder carla at bratgrrl.com
Mon Jan 16 07:00:04 EST 2006


On Saturday 14 January 2006 15:55, David Sumbler wrote:
> When I execute 'iptables -L -b' on my Fedora Core 4 system the output
> includes these lines:
>
> target     prot opt in     out     source               destination
>
> ACCEPT     udp  --  any    any     anywhere             224.0.0.251         udp dpt:5353
> ACCEPT     udp  --  any    any     anywhere             anywhere            udp dpt:ipp
> REJECT     all  --  any    any     anywhere             anywhere            reject-with icmp-host-prohibited
>
> I have omitted the "pkts" and "bytes" columns; there was traffic
> relating to lines 1 and 3, but not to line 2.
>
> What is port 5353, and why is it open for traffic to 224.0.0.251?
> What does that IP address represent?

That's a multicast port for ZeroConf, I believe. It's also used for iTunes, 
which doesn't sound applicable to Fedora. Check in /etc/services to see what 
it says.

>
> Ipp seems to be internet printing protocol; why would I need this
> port (631) open?
>

That's the CUPS port, and it needs to be open for printing to work. Access 
controls are in cupsd.conf. This is a barebones config that allows only local 
printing:

LogLevel info
Port 631
<Location />
Order Deny, Allow
Deny From All
Allow From 127.0.0.1
</Location>

To share it over a network, add an allow directive for the LAN and a broadcast 
address, like

LogLevel info
Port 631
<Location />
Order Deny, Allow
Deny From All
Allow From 127.0.0.1
Allow From 192.168.1.*
</Location>
BrowseAddress 192.168.1.255


-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 Carla Schroder
 check out my "Linux Cookbook", the ultimate Linux user's
 and sysadmin's guide! http://www.oreilly.com/catalog/linuxckbk/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
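
Added example, not part of the original message and not CUPS code: a simplified Python model of how the two <Location /> blocks above admit or refuse a client address, useful for checking that the LAN rule covers only the intended subnet. It assumes deny-then-allow evaluation (Deny lines first, Allow lines override) and handles only the "All", single IPv4 address and trailing ".*" forms used in this message; the function names and test addresses are constructed.

```python
import ipaddress

# Constructed from the two <Location /> blocks in the message above.
LOCAL_ONLY = """<Location />
Order Deny, Allow
Deny From All
Allow From 127.0.0.1
</Location>
"""
LAN_SHARED = LOCAL_ONLY.replace("</Location>", "Allow From 192.168.1.*\n</Location>")


def parse_location(conf, path="/"):
    """Collect the Allow/Deny patterns inside one <Location path> block."""
    allow, deny, inside = [], [], False
    for raw in conf.splitlines():
        words = raw.split()
        if not words:
            continue
        key = words[0].lower()
        if key == "<location":
            inside = len(words) == 2 and words[1] == path + ">"
        elif key == "</location>":
            inside = False
        elif inside and len(words) == 3 and words[1].lower() == "from":
            if key == "allow":
                allow.append(words[2])
            elif key == "deny":
                deny.append(words[2])
    return allow, deny


def matches(pattern, client):
    """Match 'All', a trailing-'.*' prefix, or a single IPv4 address."""
    if pattern.lower() == "all":
        return True
    if pattern.endswith(".*"):
        # Keep the trailing dot so 192.168.1.* does not match 192.168.10.x
        return client.startswith(pattern[:-1])
    return ipaddress.ip_address(pattern) == ipaddress.ip_address(client)


def is_allowed(conf, client):
    """Assumed deny-then-allow order: Deny lines apply first, Allow lines override."""
    client = str(ipaddress.ip_address(client))  # rejects malformed input
    allow, deny = parse_location(conf)
    allowed = not any(matches(p, client) for p in deny)
    return allowed or any(matches(p, client) for p in allow)
```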

