On Mon, Sep 16, 2013 at 02:52:07AM +0800, P J P wrote:
> Hi,
> I upgraded to F19 recently. And I happened to look at the output of iptables(8) today.
>
> $ iptables -nL
>
> It's baffling! It's a crazy 4-page-long listing!!

You seem to have missed this Fedora *18* feature:
https://fedoraproject.org/wiki/Features/firewalld-default

> Why are there so many chains? Most are empty. Those which have rules, jump
> from one chain to another and that jumps to yet another.

firewall-cmd is supposed to isolate the user from all these chains.

> Multicast DNS is allowed in the internal network (chain IN_internal_allow). I
> guess IN_internal_allow is meant for some closed group internal
> network, not sure.
>
> ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353 ctstate NEW
>
> Who uses it?

That's mDNS, widely used in zeroconf discovery (for example, printers).
--
Tomasz Torcz "Funeral in the morning, IDE hacking
xmpp: zdzichubg(a)chrome.pl in the afternoon and evening." - Alan Cox