incoming ssh/sftp blocked by iptables
William Hooper
whooperhsd3 at earthlink.net
Wed Apr 14 21:30:28 UTC 2004
Fulko.Hew at sita.aero said:
>> I enable httpd on my
>> machine so that I can test various things. I would not want my actions
>> to open the firewall behind my back. Or do you mean that the user should
>> be asked if he wants the firewall opened?
>
> I can't speak for httpd, but I expect that it would fall under the same
> rules. ie. you can enable it, but it still won't work (from outside your
> box).
> (Yup, I just tried it.)
Methinks that was his point. If you install httpd for testing having it
only reachable by localhost is a good thing.
When I installed FC2 Test2 firewall config was no different from the last
couple of Red Hat versions I installed. If you go punching firewall open
with initscripts it will come back to haunt you. I do remember the days
when installing a service defaulted to it starting and being open to the
world, and I don't like those memories.
--
William Hooper
More information about the fedora-test-list
mailing list