[Firewall] Other possible bug in dyndns plugin

Gustin Johnson gustin at meganerd.ca
Thu Jul 14 19:40:48 CEST 2011


On Thu, Jul 14, 2011 at 6:09 AM, ∫imøn ㋡ <simon at simonbcn.net> wrote:
> I think the user is who must decide if open or not all ports to an IP. It is
> assumed that when he does this is because he is fully confident in that IP.
> In my case, for example, I want open all ports of my remote server to my own
> PC (I'm the administrator).

You can still do this if you want.  Just define a range that includes
all 65535 ports for any given host.  I agree with Arno that the
default behavior should be closed.  The user still gets to choose, but
must explicitly set all ports as open if that is what he or she wants
to do.

> If I want open all ports to my PC, it's much more comfortable define only
> the IP without ports.

Sure it is easier, but one of the reasons for using a script like this
is the secure by default approach that helps to prevent end users from
leaving something open by accident.

Just my 2c


More information about the Firewall mailing list