[Firewall] Other possible bug in dyndns plugin

Arno van Amersfoort arnova at rocky.eld.leidenuniv.nl
Mon Jul 18 15:21:54 CEST 2011


Maybe it should flag an error although I'm not sure this is something 
that can be easily implemented. I'll have a look at it.

a.

On 7/14/2011 20:01, ∫imøn ㋡ wrote:
>
>
> El 14/07/11 19:40, Gustin Johnson escribió:
>> On Thu, Jul 14, 2011 at 6:09 AM, ∫imøn ㋡<simon at simonbcn.net> wrote:
>>> I think the user is who must decide if open or not all ports to an
>>> IP. It is
>>> assumed that when he does this is because he is fully confident in
>>> that IP.
>>> In my case, for example, I want open all ports of my remote server to
>>> my own
>>> PC (I'm the administrator).
>> You can still do this if you want. Just define a range that includes
>> all 65535 ports for any given host. I agree with Arno that the
>> default behavior should be closed. The user still gets to choose, but
>> must explicitly set all ports as open if that is what he or she wants
>> to do.
> Ok, then Arno's Firewall should show an error when it detects an IP
> without ports in that conf file. Don't you agree? Now it says nothing.
>>
>>> If I want open all ports to my PC, it's much more comfortable define
>>> only
>>> the IP without ports.
>> Sure it is easier, but one of the reasons for using a script like this
>> is the secure by default approach that helps to prevent end users from
>> leaving something open by accident.
>>
>> Just my 2c
>> _______________________________________________
>> Firewall mailing list
>> Firewall at rocky.eld.leidenuniv.nl
>> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
>> Arno's (Linux IPTABLES Firewall) Homepage:
>> http://rocky.eld.leidenuniv.nl
> _______________________________________________
> Firewall mailing list
> Firewall at rocky.eld.leidenuniv.nl
> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
> Arno's (Linux IPTABLES Firewall) Homepage:
> http://rocky.eld.leidenuniv.nl

-- 
Arno van Amersfoort
E-mail    : arnova at rocky.eld.leidenuniv.nl
Donations are welcome through Paypal!
---------------------------------------------------------------------------
Arno's (Linux IPTABLES Firewall) Homepage:
http://rocky.eld.leidenuniv.nl


More information about the Firewall mailing list