Carlos wrote:
Hello
Hi Carlos,
i have one question about the suse firewall.
I have one server with the next services:
ssh, http, ftp and maio (25 and 110)
the FW_ALLOW_INCOMING_HIGHPORTS_TCP variable to set to No is one bad
idea?
IMHO it is a good idea to always do that...
if i put this value to no the ftp runs well? i have the ftp service
alloed into the FW_SERVICES_EXT_TCP variable.
Well, you should also open a few dedicated ports ( eg: 40000:40050 ) to
allow Extended Passive Mode to work correctly.
Of you do not want to open those ports, you could always use the
FW_LOAD_MODULES option with ip_conntrack_ftp.
Thanks
--
Rui Santos
http://www.ruisantos.com/
Veni, vidi, Linux!
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
