Monday, March 27, 2006

Linux Firewall HOWTO

I stumbled upon a Brief Introduction to Firewalls that aims to help newbies make their first steps in linuxland by building a firewall. Well, all right. I do recommend this for all of you who want to set up a Linux box and (also) use it as a firewall. With one note. The author obviously thinks all services in existence use both TCP and UDP connections. Not so: HTTP (ports 80 and 443) only runs over TCP, SSH (port 22) only runs over TCP, and so on for SMTP, POP, FTP, ... In contrast, NTP runs only over UDP. And for DHCP you also need to permit raw Ethernet frames, not just UDP packets.
Of course, in theory anything running over TCP can be made to run over UDP, and the other way around, but it is not always practical, and so in practice it doesn't happen.
But that doesn't stop IANA from assigning the ports for both TCP and UDP to services. So, basically, the author is correct in providing such examples. But I would never, for example, permit UDP access on port 80, as there is no web browser or server anywhere that does UDP connections, as far as I know.
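As an added example (not code from this post or from the HOWTO it reviews), here is a small audit over `iptables-save`-style rules that flags ACCEPT rules whose transport does not match what the service on that port actually uses, following the post's own TCP-only and UDP-only examples. The service table and the sample rules are constructed for illustration.

```python
import re

# Transport each service actually uses, as stated in the post:
# SSH, HTTP and HTTPS are TCP-only, NTP is UDP-only (constructed table).
SERVICE_TRANSPORT = {
    22: {"tcp"},    # SSH
    80: {"tcp"},    # HTTP
    443: {"tcp"},   # HTTPS
    123: {"udp"},   # NTP
}

# Constructed sample in the shape of `iptables-save` output; it deliberately
# opens "both protocols" for every port, the habit the post criticises.
SAMPLE_RULES = """\
*filter
:INPUT DROP [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -m udp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p udp -m udp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p udp -m udp --dport 123 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 123 -j ACCEPT
COMMIT
"""

# Matches one ACCEPT rule with a protocol and a destination port.
RULE_RE = re.compile(r"^-A (\S+) -p (tcp|udp) .*--dport (\d+) .*-j ACCEPT$")


def audit_rules(text):
    """Return (chain, proto, port) for each ACCEPT rule that opens a
    transport the service on that port never uses; unknown ports are skipped."""
    findings = []
    for line in text.splitlines():
        m = RULE_RE.match(line.strip())
        if not m:
            continue
        chain, proto, port = m.group(1), m.group(2), int(m.group(3))
        allowed = SERVICE_TRANSPORT.get(port)
        if allowed is not None and proto not in allowed:
            findings.append((chain, proto, port))
    return findings


if __name__ == "__main__":
    for chain, proto, port in audit_rules(SAMPLE_RULES):
        print(f"{chain}: {proto}/{port} is open, but that service does not use {proto}")
```

Run against a real `iptables-save` dump, the same check reports the needless UDP openings on TCP-only ports (and vice versa) that the post objects to.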
