Re: SunScreen and Broadcasts

From: dpk (dpk_at_egr.msu.edu)
Date: 04/11/05

    Date: Mon, 11 Apr 2005 09:29:56 -0400
    To: cjclark@alum.mit.edu
    
    

    Crist J. Clark wrote:
    [snip]
    > Now I think that would be a pretty cool feature _iff_ there are
    > BIG RED FLASHING WARNINGS telling you about it AND there exist
    > a knob or knobs to turn this behavior off. I have been unable
    > to get this information yet, waiting for the days to weeks
    > turnaround from Sun support. Anyone know of workarounds besides
    > just avoiding "BROADCAST" services? I'm also trying to figure
    > out which service would allow port 9002/udp broadcasts. I think
    > it has something to do with "udp_datagram_fwd," but I'm not
    > sure how to correlate that to a SunScreen service.

    The service * should be a big red flashing warning to you in the first
    place. Are you sure you really want to allow everything? You might try
    looking at the service "common", which is probably closer to what you
    really want. Even better, use a stripped-down version of it by
    copying/modifying it to fit your needs.

    > I should also mention that I would like to do all administration
    > of this firewall from the CLI. Any advice on how to "correctly"
    > kill off the Apache server and other stuff that supports the
    > GUI?

    /usr/lib/sunscreen/lib/run_httpd stop

    You can permanently disable this by modifying the startup script
    /usr/lib/sunscreen/lib/ss_boot, commenting out the following line near
    the bottom:

    #$LIB_DIR/run_httpd start

    Note, you may have to re-do this modification following patch installs.

    Hope this helps,
    dpk
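
Since the ss_boot edit above may be undone by a patch install, a post-patch check can re-verify and re-apply it. This is an added example, not part of the original post or of SunScreen itself; the function names are hypothetical, and it assumes POSIX `grep`/`sed` and that the line to disable reads exactly as quoted in the post.

```shell
#!/bin/sh
# Added example: verify that ss_boot no longer starts the GUI web server,
# and comment the line out again if a patch has restored it.
# Usage: sh check_ss_boot.sh /usr/lib/sunscreen/lib/ss_boot

# BRE matching an active (uncommented) "$LIB_DIR/run_httpd start" line.
ACTIVE_RE='^[[:space:]]*\$LIB_DIR/run_httpd[[:space:]][[:space:]]*start'

# Return 0 if file $1 still contains an active run_httpd start line.
httpd_start_enabled() {
    grep "$ACTIVE_RE" "$1" >/dev/null 2>&1
}

# Comment out the active line in file $1, keeping a backup in $1.bak.
# Returns 0 if the file ends up with the line disabled, 2 on any error.
ensure_httpd_disabled() {
    f=$1
    [ -f "$f" ] || { echo "missing: $f" >&2; return 2; }
    if ! httpd_start_enabled "$f"; then
        echo "ok: run_httpd start is not active in $f"
        return 0
    fi
    cp -p "$f" "$f.bak" || return 2
    # Write through cat so the original file keeps its owner and mode.
    sed 's|^\([[:space:]]*\)\(\$LIB_DIR/run_httpd[[:space:]][[:space:]]*start\)|\1#\2|' \
        "$f.bak" > "$f.tmp" && cat "$f.tmp" > "$f" && rm -f "$f.tmp" || return 2
    if httpd_start_enabled "$f"; then
        echo "error: could not disable run_httpd start in $f" >&2
        return 2
    fi
    echo "fixed: commented out run_httpd start in $f (backup: $f.bak)"
    return 0
}

# Only act when a path is given on the command line.
if [ -n "${1:-}" ]; then
    ensure_httpd_disabled "$1"
fi
```
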

