[CentOS] Default Firewall Entries

Mon Apr 11 10:22:49 UTC 2005
Johnny Hughes <mailing-lists at hughesjr.com>

On Sun, 2005-04-10 at 20:24 -0700, Mickael Maddison wrote:
{snip}
> I'm curious... there seems to be a couple of default firewall rules
> that I'm not familiar with in the CentOS 4.0

These are also present in RHEL-4 and FC-3 from RedHat :)

{snip}
> Particularly, the 5353 udp allowing from 224.0.0.251 and the 631 udp.
> Anyone know what these are for, and if they should be disabled?

The 5353 udp is multicast DNS (or mDNS for short) ... here are a couple
links:
http://files.multicastdns.org/draft-cheshire-dnsext-multicastdns.txt
http://www.multicastdns.org/


The 631 udp port is for "Internet Printing Protocol".  It is how cupsd
sees external printers. Here are some details:
http://mirror.centos.org/centos/4/docs/html/rhel-sag-en-4/s1-printing-sharing.html
-------------------------------------------
Also ... specifically from the RHEL-4 release notes:

"system-config-securitylevel

The firewall constructed by the system-config-securitylevel
configuration tool now allows CUPS and Multicast DNS (mDNS) browsing.
Note that, at the present time, these services cannot be disabled by
system-config-securitylevel."
-------------------------------------------
SO ... if the box needs to do either mDNS or CUPS printer browsing, you
need them enabled.  If not, you can remove them.

Thanks,
Johnny Hughes
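
Added example, not part of the original message or of any Red Hat/CentOS tool: a shell sketch that finds the two browsing rules discussed above (UDP 5353 for mDNS, UDP 631 for CUPS/IPP) in iptables-save style text and prints the ruleset without them. The sample ruleset, chain name and function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample ruleset in iptables-save format (not from the thread).
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p udp -m udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A INPUT -p udp -m udp --dport 631 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 6310 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j DROP
-A INPUT -m state --state NEW -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# awk helper: returns a service label when the current line is an appended
# rule that ACCEPTs UDP to exactly port 5353 or 631, otherwise "".
AWK_LIB='
function browse_service(   i, udp, port, accept) {
  udp = 0; port = ""; accept = 0
  for (i = 1; i < NF; i++) {
    if ($i == "-p" && $(i+1) == "udp") udp = 1
    if ($i == "--dport") port = $(i+1)
    if ($i == "-j" && $(i+1) == "ACCEPT") accept = 1
  }
  if ($1 != "-A" || !udp || !accept) return ""
  if (port == "5353") return "mDNS"
  if (port == "631") return "IPP/CUPS browsing"
  return ""
}
'

# Report the browsing rules found on stdin, one labelled line per rule.
find_browse_rules() {
  awk "$AWK_LIB"'{ s = browse_service(); if (s != "") print s ": " $0 }'
}

# Emit the ruleset from stdin with those rules dropped; all else unchanged.
strip_browse_rules() {
  awk "$AWK_LIB"'browse_service() == ""'
}

sample_rules | find_browse_rules
```

Only exact `--dport` values are matched; port ranges and multiport rules are not parsed, so review the output before loading a stripped ruleset.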

