Configuring firewall

Hi there,

I would like to find out more information about the built-in firewall in openSUSE. Do I have to configure it somehow, or is the firewall ready to use (am I fully protected)? If not, what do I have to do to set the firewall up properly?

muzofan,

depends on what you run on your machine. What it does in the default configuration is block any traffic to your machine which isn’t part of a process you initiated. It basically does what the XP firewall does on Windows, or ZoneAlarm or whatever. Let’s say you try to access an http site: it will let your data through to the remote server, as well as the replies from that server.
If somebody tries to access a webserver on your machine, it will block access.

It will NOT nag you with popups and stuff like that which only show you that you have a great personal firewall installed :slight_smile:

SuSEfirewall2 is just a configuration tool for iptables. There are more GUI tools out there you can try. Depends on what you need. Nobody will ever guarantee you that you are fully protected.

Uwe

IMHO you’re fully protected as buckesfeld said. Did you have any particular process/processes in mind (e.g. Torrents, Samba, whatever) that you are concerned about?

Yast is the simplest way to set up the firewall. I prefer Webmin if any special configuration is needed.

You will also want to look at your network card’s config in Yast to set it to an Internal (completely open) or External (no incoming connections accepted) zone.

Then go to the firewall’s configuration in Yast or other utility of choice to fine tune the rules.

I apologize if it looks like I’m hijacking this thread, but I also have the same question.
When I try to scan my system using my IP address, it shows something like this:

80/tcp   open  http
111/tcp  open  rpcbind
2000/tcp open  callbook
7634/tcp open  hddtemp

My question is how to block ports 2000 and 7634, used by the two services above, without removing the software? I can’t find the option in YaST Firewall. There are only Allowed Services.

And how important is it to leave the rpcbind port open?


Are you scanning your system from another system or from the system
itself? If the system itself, don’t… that’s not a valid test. If
another, make sure 2000 and 6734 are not listed in the Allowed Services
(Advanced section probably to be specific) and they should be blocked.

Good luck.

init7 wrote:
| I apologize if it looks like I’m hijacking this thread, but I also have
| the same question.
| When I try to scan my system using my IP address, it shows something
| like this:
|
| 80/tcp   open  http
| 111/tcp  open  rpcbind
| 2000/tcp open  callbook
| 7634/tcp open  hddtemp
|
| My question is how to block ports 2000 and 7634, used by the two
| services above, without removing the software? I can’t find the option
| in YaST Firewall. There are only Allowed Services.
| And how important is it to leave the rpcbind port open?


Watch it… leave 7634/tcp open hddtemp alone, because when you block that one, you can’t read out the temperature of hard disk drives and CPUs anymore. When it is configured all right, hddtemp should use this port and bind only to 127.0.0.1, so it shouldn’t be a problem at all. See also man hddtemp.
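The two replies above make one point between them: a scan run on the machine itself also sees services bound only to 127.0.0.1 (such as hddtemp), which another host can never reach, so the bind address matters as much as the port. This added example (not from the thread) separates loopback-only listeners from externally reachable ones; the sample listener list is constructed to mirror the ports in the scan above, and the live command in the comment assumes iproute2’s `ss` is installed.

```sh
#!/bin/sh
# Added example: classify listening TCP sockets by bind address.
# A listener on 127.0.0.1 or [::1] is visible to a local scan but not to a
# remote one; only the rest needs a firewall decision.

# Constructed sample in the "Local Address:Port" format printed by `ss -tln`.
# Port 7634 (hddtemp) is loopback-only here, as the hddtemp reply describes.
SAMPLE_LISTENERS='0.0.0.0:80
0.0.0.0:111
0.0.0.0:2000
127.0.0.1:7634
[::]:22'

# Turn "addr:port" lines into "addr port" pairs. The port is the text after
# the last colon, so bracketed IPv6 literals such as [::]:22 are handled.
split_listeners() {
    printf '%s\n' "$1" | awk -F: '{
        port = $NF
        addr = substr($0, 1, length($0) - length(port) - 1)
        print addr, port
    }'
}

# Ports reachable from other hosts: everything not bound to a loopback address.
exposed_ports() {
    split_listeners "$1" |
        awk '$1 != "127.0.0.1" && $1 != "[::1]" { print $2 }' |
        sort -n | uniq
}

# Ports a self-scan reports but a remote scan will not.
loopback_ports() {
    split_listeners "$1" |
        awk '$1 == "127.0.0.1" || $1 == "[::1]" { print $2 }' |
        sort -n | uniq
}

echo "Reachable from other hosts:"; exposed_ports "$SAMPLE_LISTENERS"
echo "Loopback only (ignore in a local scan):"; loopback_ports "$SAMPLE_LISTENERS"

# Live use on a real system (assumes iproute2 with `ss -H`):
#   exposed_ports "$(ss -Htln | awk '{ print $4 }')"
```

Anything listed as reachable and not deliberately opened under Allowed Services is what a remote scan should confirm as blocked.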

First of all, I use my machine as an ordinary user. I don’t run any servers or services. So I assume the default configuration of my firewall is good enough.

Thanks a lot for all your posts.

Thank you all for the answer!
@ab@novell.com
Yes, I scanned it from the system itself. When I read your post, I logged in remotely to the office server and scanned my laptop, and now it shows 3 different ports that are closed!
Now I know why you said it’s not a valid test! Looks like I’m too paranoid. :slight_smile:

@LJHkmp
Thanks for the information!