On Sun, 2005-04-10 at 20:24 -0700, Mickael Maddison wrote: {snip} > I'm curious... there seems to be a couple of default firewall rules > that I'm not familiar with in the CentOS 4.0 These are also present in RHEL-4 and FC-3 from RedHat :) {snip} > Particularly, the 5353 udp allowing from 224.0.0.251 and the 631 udp. > Anyone know what these are for, and if they should be disabled? The 5353 udp is multicast DNS (or mDNS for short) ... here are a couple links: http://files.multicastdns.org/draft-cheshire-dnsext-multicastdns.txt http://www.multicastdns.org/ The 631 udp port is for "Internet Printing Protocol". It is how cupsd sees external printers. Here are some details: http://mirror.centos.org/centos/4/docs/html/rhel-sag-en-4/s1-printing-sharing.html ------------------------------------------- Also ... specifically from the RHEL-4 release notes: "system-config-securitylevel The firewall constructed by the system-config-securitylevel configuration tool now allows CUPS and Multicast DNS (mDNS) browsing. Note that, at the present time, these services cannot be disabled by system-config-securitylevel." ------------------------------------------- SO ... if the box needs to do either mDNS or CUPS printer browsing, you need them enabled. If not, you can remove them. Thanks, Johnny Hughes -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://lists.centos.org/pipermail/centos/attachments/20050411/b28ae28c/attachment-0005.sig>