Add custom application to Firewall - port unknown

Hi,

While I am not that new to Linux, Linux firewalls are not something I am yet comfortable with. So please help me.

DNSexit is a free DDNS service which has a convenient updater program (DNSexit-IP-Updater) in Windows. Luckily this program installs and loads perfectly in Linux under Wine. Now if I understand the documentation all that this program does is

  1. login to the website dnsexit.com using my username and password
  2. Retrieve my domains information (domain name and currently associated IP)
  3. Find my public IP (presumably using whatismyip.com)
  4. Compare information from Steps 2 and 3 and update the dnsexit server information if there is a change in IP.

I might be completely wrong but I think this program can do its job if it can connect to the Internet. When I run this program, it asks for the username and password information and then keeps on trying to login. This is how it behaves in Windows when I block it in ZoneAlarm.

I think this is because the firewall is blocking Internet (external zone) access to this program. I do not know which port this program uses. So I really dont know how to allow Internet access to this program using the firewall config wizard in Yast Control Center.

Please help solve this problem. A generic solution on how to add such custom programs to the allowed list in the firewall will probably be useful to a lot of firewall newbies like me.

Also I would like to humbly request that the postings to this thread be restricted to trying to solve the above problem and not suggestion on other programs which can be used instead of DNSexit-IP-Updater or any other stuff.

I did make a long attempt to google about adding custom programs to the firewall safety list in opensuse but did not find any useful links. If there are any such links and I missed them, please point to them below. I hope this thread will serve as a useful link in the future.

Thanks in advance and regards,
-Aravind

PS: Feel free to ask for log files by specifying the name of the relevant log file.

Sounds like the program only makes connections to the outside world and doesn’t require any open port for the outside world to connect to. As such, if you can already do things like surf the net, nothing special needs to be done at the firewall, and your problem is elsewhere.

As ken_yap noted, it is entirely possible that issue is not with blocked ports, but rather elsewhere. The app may appear to run under wine - but the networking under wine may be not working.

However, you are also correct that it certainly could be a firewall issue.

My suggestion is temporarily turn off the firewall and then in one terminal session run iptraf - you can install this with: zypper install iptraf

Now run the ddns program and monitor iptraf. It will show you exactly what inbound and out bound ports are being used and tell the IP (or hostname) being connected to - you will then definitively know the ports.

You can also use the netstat -tuple and netstat -natlp to show network connections and the related ports, but honestly iptraf is a great tool to have on hand.

Now allow those in your firewall and you should be good!

Good luck!

Pete