Toon van der Pas
2004-Nov-16 02:58 UTC
[Shorewall-devel] Please add secure NNTP to action.AllowNNTP
Hi, I just noticed that the file action.AllowNNTP only supports normal NNTP sessions (port 119). Could you please add support for secure NNTP (port 563), analogous to the file action.AllowIMAP? The extra line should look like this: ACCEPT - - tcp 563 I''m running Shorewall-2.0.4 by the way. Thanks, Toon. -- "Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it." - Brian W. Kernighan
Tom Eastep
2004-Nov-16 07:01 UTC
[Shorewall-devel] Please add secure NNTP to action.AllowNNTP
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Toon van der Pas wrote:> Hi, > > I just noticed that the file action.AllowNNTP only supports normal > NNTP sessions (port 119). Could you please add support for secure > NNTP (port 563), analogous to the file action.AllowIMAP? The extra > line should look like this: > > ACCEPT - - tcp 563 > > I''m running Shorewall-2.0.4 by the way.I''ll include the change in the next 2.2 beta -- since you can easily modify the AllowNNTP action by copying action.AllowNNTP to /etc/shorewall and adding the line yourself, there should be no need to release the change into the 2.0 series until the next bugfix release. - -Tom - -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFBmhY9O/MAbZfjDLIRAsRYAJ4q4h7j/dJj6OfsZcuD6xCV+nKsRgCfXLQq 4J1h96ffpcrJjuo+Az+3pPQ=O/mo -----END PGP SIGNATURE-----
Toon van der Pas
2004-Nov-16 07:09 UTC
[Shorewall-devel] Please add secure NNTP to action.AllowNNTP
On Tue, Nov 16, 2004 at 07:01:17AM -0800, Tom Eastep wrote:> > Toon van der Pas wrote: > > Hi, > > > > I just noticed that the file action.AllowNNTP only supports > > normal NNTP sessions (port 119). Could you please add support for > > secure NNTP (port 563), analogous to the file action.AllowIMAP? > > The extra line should look like this: > > > > ACCEPT - - tcp 563 > > > > I''m running Shorewall-2.0.4 by the way. > > I''ll include the change in the next 2.2 beta -- since you can > easily modify the AllowNNTP action by copying action.AllowNNTP to > /etc/shorewall and adding the line yourself, there should be no > need to release the change into the 2.0 series until the next > bugfix release.I agree there is no hurry. Right now I don''t even use the action.AllowNNTP file because of the omission of secure NNTP. I''ve added my own NNTP rules to the rules file instead, because I don''t like surprises when upgrading packages. Thanks for the great tool! Toon. -- "Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it." - Brian W. Kernighan