Re: Safely removing the rule blocking 6000:6010 in pf.conf

2010-08-29 Thread TeXitoi
"Jean-Francois" writes:
> I just don't understand why the range tcp 6000:6010 shall be available from
> localhost.

To speak with X using tcp. If you launch X with the option "-nolisten tcp", you can block it. If you have "set skip on lo" in your pf.conf, every port will be open for localhost,

Re: Safely removing the rule blocking 6000:6010 in pf.conf

2010-08-29 Thread Jean-Francois
I made a mistake, in fact I deny access by default even to those ports that are normally available from localhost. I did this because I see nothing listening to those ports, and gnome is running through sockets. I just don't understand why the range tcp 6000:6010 shall be available from localhost

Re: Safely removing the rule blocking 6000:6010 in pf.conf

2010-08-29 Thread TeXitoi
ropers writes:
> I don't understand. Why are you not running a default deny setup?

Maybe because this pf.conf is the default one.

> On 29 August 2010 14:45, Jean-Francois wrote:
> > Hi,
> >
> > One question, I run gnome on openbsd 4.7 and apparently there is
> > no reason to keep the following

Re: Safely removing the rule blocking 6000:6010 in pf.conf

2010-08-29 Thread ropers
I don't understand. Why are you not running a default deny setup?

On 29 August 2010 14:45, Jean-Francois wrote:
> Hi,
>
> One question, I run gnome on openbsd 4.7 and apparently there is no reason to
> keep the following rule since nothing listens to those ports on my machine.
>
> block in on ! l

Safely removing the rule blocking 6000:6010 in pf.conf

2010-08-29 Thread Jean-Francois
Hi,

One question, I run gnome on openbsd 4.7 and apparently there is no reason to keep the following rule since nothing listens to those ports on my machine.

block in on ! lo0 proto tcp to port 6000:6010

I verified with netstat that there is nothing listening to any of tcp ports in the range 6