On Sun, 2005-04-10 at 20:24 -0700, Mickael Maddison wrote: {snip}
I'm curious... there seems to be a couple of default firewall rules that I'm not familiar with in the CentOS 4.0
These are also present in RHEL-4 and FC-3 from RedHat :)
{snip}
Particularly, the 5353 udp allowing from 224.0.0.251 and the 631 udp. Anyone know what these are for, and if they should be disabled?
The 5353 udp is multicast DNS (or mDNS for short) ... here are a couple links:
http://files.multicastdns.org/draft-cheshire-dnsext-multicastdns.txt
http://www.multicastdns.org/
The 631 udp port is for "Internet Printing Protocol". It is how cupsd sees external printers. Here are some details:
http://mirror.centos.org/centos/4/docs/html/rhel-sag-en-4/s1-printing-sharin...

-------------------------------------------
Also ... specifically from the RHEL-4 release notes:

"system-config-securitylevel

The firewall constructed by the system-config-securitylevel configuration tool now allows CUPS and Multicast DNS (mDNS) browsing. Note that, at the present time, these services cannot be disabled by system-config-securitylevel."
-------------------------------------------

SO ... if the box needs to do either mDNS or CUPS printer browsing, you need them enabled. If not, you can remove them.
Thanks, Johnny Hughes
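
Added example, not part of the original message: since the release notes say system-config-securitylevel cannot turn these rules off, removing them means editing the saved rule set by hand (on RHEL/CentOS 4 that is /etc/sysconfig/iptables). The sketch below lists and comments out the udp/5353 and udp/631 ACCEPT rules in iptables-save format; the function names and the sample rule set are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in iptables-save format (not copied from a real host).
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# awk predicate: an appended (-A) rule that ACCEPTs UDP to dport 5353 or 631.
# Tokens are matched individually, so a TCP rule or a REJECT on the same port
# is left alone. Port ranges (e.g. 600:700) are not expanded.
BROWSE_MATCH='
function is_browse(   i, udp, port, accept) {
  if ($1 != "-A") return 0
  for (i = 2; i <= NF; i++) {
    if ($i == "-p" && $(i+1) == "udp") udp = 1
    if ($i == "--dport" && ($(i+1) == "5353" || $(i+1) == "631")) port = 1
    if ($i == "-j" && $(i+1) == "ACCEPT") accept = 1
  }
  return udp && port && accept
}'

# Audit: print "lineno: rule" for each mDNS / CUPS browsing rule on stdin.
list_browse_rules() {
  awk "$BROWSE_MATCH"' is_browse() { print NR ": " $0 }'
}

# Rewrite: comment the matching rules out (iptables-restore skips "#" lines)
# and pass every other line through unchanged.
disable_browse_rules() {
  awk "$BROWSE_MATCH"' is_browse() { print "# disabled: " $0; next } { print }'
}

# Demo on the constructed sample; on a real host, feed the saved rules file
# to list_browse_rules first and review the output before rewriting anything.
sample_rules | disable_browse_rules
```

Write the filtered output to a new file and compare it with the original before swapping it in and reloading the firewall.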