Quote:
Originally Posted by kernel-P4N1C
All default iptables rules seem to have this?
Code:
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
Let the computer receive ping packets, destination-not-found-packets, ...
ICMP stands for Internet Control Message Protocol; it is used to give information about the network. It is used by network admins to debug networks. (Often in Linux-networking I ask people to execute a ping command.)
Quote:
Originally Posted by kernel-P4N1C
Code:
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
no idea, sorry
Quote:
Originally Posted by kernel-P4N1C
Code:
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
http://www.linuxquestions.org/questi...rt-5353-91085/
Quote:
Originally Posted by kernel-P4N1C
Code:
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
IPP (Internet Printing Protocol). If your PC is used as a print server, it is probably through this port.
Quote:
Originally Posted by kernel-P4N1C
Code:
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Your firewall is a stateful firewall. That means, by default it drops all packets, except when the packets belong to a connection that has already been established. Otherwise it could be a problem, say when you send a request for a webpage, and the response would get dropped (by default).
This rule says that packets related to a connection that has already been established have to be accepted.
EDIT: If I want more info about a certain port, I usually google for "tcp <portnumber>" or "udp <portnumber>". Except when it is a really obscure protocol, this usually tells me what the service is called. Then I can google a bit more on that service name.
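
An added example, not part of the original post: a short Python pass over the rules quoted in this thread that separates the rule admitting only return traffic from the rules that accept unsolicited packets. The lookup tables are constructed for this example and cover only these rules; 50 and 51 are the IANA IP protocol numbers for ESP and AH (IPsec). Negated matches ("!") are not handled.

```python
import shlex

# Assumption: minimal lookup tables built for this example, not a full services database.
IP_PROTOS = {"1": "icmp", "6": "tcp", "17": "udp", "50": "esp (IPsec)", "51": "ah (IPsec)"}
SERVICES = {("udp", "5353"): "mdns", ("udp", "631"): "ipp", ("tcp", "631"): "ipp"}

# Rules copied from the thread above.
RULES = """\
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
"""

def parse_rule(line):
    """Turn one iptables-save style line into a dict of option -> value."""
    tokens, opts, i = shlex.split(line), {}, 0
    while i < len(tokens):
        key = tokens[i].lstrip("-")
        # An option takes a value unless the next token is itself an option.
        if i + 1 < len(tokens) and not tokens[i + 1].startswith("-"):
            opts.setdefault(key, tokens[i + 1])
            i += 2
        else:
            opts[key] = True
            i += 1
    return opts

def describe(opts):
    """Say what an ACCEPT rule lets in, from a reviewer's point of view."""
    proto = IP_PROTOS.get(opts.get("p", ""), opts.get("p", "any"))
    states = set(opts["state"].split(",")) if "state" in opts else set()
    if states and "NEW" not in states:
        return "return traffic only (%s)" % ",".join(sorted(states))
    port = opts.get("dport")
    what = "%s/%s (%s)" % (proto, port, SERVICES.get((proto, port), "unknown")) if port else proto
    return "unsolicited %s src=%s dst=%s" % (what, opts.get("s", "any"), opts.get("d", "any"))

def audit(text):
    """Describe every appended (-A) rule in an iptables-save style listing."""
    return [describe(parse_rule(l)) for l in text.splitlines() if l.startswith("-A")]

if __name__ == "__main__":
    for rule, note in zip(RULES.splitlines(), audit(RULES)):
        print(note, "<-", rule)
```

The rules reported as "unsolicited ... src=any" are the ones to check against the services the machine actually needs to offer.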