"Jean-Francois" <jfsimon1...@gmail.com> writes: > I just don't understand why the range tcp 6000:6010 shall be available from > localhost.
To speak with X using tcp. If you launch X with the option "-nolisten tcp", you can block it. If you have "set skip on lo" in your pf.conf, every ports will be open for localhost, so you do not need to open them. -- Guillaume Pinot http://www.irccyn.ec-nantes.fr/~pinot/ + Les grandes personnes ne comprennent jamais rien toutes seules, et c'est fatigant, pour les enfants, de toujours leur donner des explications... ; -- Antoine de Saint-Exupiry, Le Petit Prince () ASCII ribbon campaign -- Against HTML e-mail /\ http://www.asciiribbon.org -- Against proprietary attachments
