A bit paranoid? There's no predicting what port someone will run a music stream on. Often it's just a plain old http url, but sometimes they will run several ports to increase session count or provide multiple different streams.
It would be easiest to allow the SB's to initiate anything they wanted to the outside world: it's not like the older models have enough memory to even think about running spamming software (not to mention it would be tricky to get it on there) and opening sessions started from an 'inside' machine are nowhere near as dangerous as allowing outsiders in... restricting inside machines completel is nigh impossible if they need to be usable: darned near anything can be tunnelled over https, for example, and blocking 443 would cripple most PC usage. Is whatever you're using for a router able to distinguish between 'established' connections? In psuedofirewallese: allow from internal -> external allow from external -> internal established deny all -- snarlydwarf ------------------------------------------------------------------------ snarlydwarf's Profile: http://forums.slimdevices.com/member.php?userid=1179 View this thread: http://forums.slimdevices.com/showthread.php?t=79489 _______________________________________________ discuss mailing list [email protected] http://lists.slimdevices.com/mailman/listinfo/discuss
