Latest LQ Deal: Linux Power User Bundle
Go Back > Forums > Linux Forums > Linux - Distributions > Mandriva
User Name
Mandriva This Forum is for the discussion of Mandriva (Mandrake) Linux.


  Search this Thread
Old 06-20-2007, 04:05 PM   #1
Registered: Feb 2007
Location: Pasadena, Texas
Distribution: Slackware 14.0
Posts: 137

Rep: Reputation: 3
rules.drakx in /etc/shorewall

rules.drakx in /etc/shorewall

Does anyone know why these three ports (11,6000,631) are open?
Is this normal, or at least okay? Is there anything strange here?
I configured the firewall to HIGH setting, and did not check any
boxes to allow ANY outside services to connect.
ps: Sorry if my query is overly generalized.
Mandriva 2007.0 on x86_64

The file /etc/shorewall/rules.drakx is a product of the
Mandriva 2007.0 installation process, and states:
ACCEPT net fw tcp 111,6000,631 -

I ran the following scan on my computer (output following):
$ nmap

Starting Nmap 4.11 ( ) at 2007-06-20 15:33 CDT
Interesting ports on (
Not shown: 1677 closed ports
111/tcp open rpcbind
631/tcp open ipp
6000/tcp open X11

I ran this scan:
$ nmap -A -v

Starting Nmap 4.11 ( ) at 2007-06-20 15:45 CDT
DNS resolution of 1 IPs took 0.04s.
Initiating Connect() Scan against (24.238.220.
89) [1680 ports] at 15:45
Discovered open port 6000/tcp on
Discovered open port 631/tcp on
Discovered open port 111/tcp on
The Connect() Scan took 0.04s to scan 1680 total ports.
Initiating service scan against 3 services on
( at 15:45
The service scan took 6.11s to scan 3 services on 1 host.
Initiating RPCGrind Scan against (
9) at 15:46
The RPCGrind Scan took 0.00s to scan 1 ports on
m (
Host ( appears to be up ... good
Interesting ports on (
Not shown: 1677 closed ports
111/tcp open rpc
631/tcp open ipp CUPS 1.2
6000/tcp open X11 (access denied)
Service Info: OS: Unix

Nmap finished: 1 IP address (1 host up) scanned in 6.372 seconds

The /etc/shorewall/policy file states:
loc net ACCEPT
loc fw ACCEPT
fw loc ACCEPT
fw net ACCEPT
net all DROP info
all all REJECT info
This file ends here.

Last edited by ferrel; 06-20-2007 at 04:06 PM.
Old 06-20-2007, 11:00 PM   #2
Senior Member
Registered: Nov 2001
Location: Toledo, Ohio - USA
Distribution: Mageia 1
Posts: 1,079
Blog Entries: 4

Rep: Reputation: 70
111/tcp open rpcbind
631/tcp open ipp
6000/tcp open X11
I think this tells the whole story ...
Port 111 is used by rpcbind. A Google search returns this Unix Manual Page. I have no reason to permit remote log in here (this is my personal desktop system), so I disable or remove such services. If you are not providing services to other computers you probably do not need this running.

Port 631 is used by the Cups print server. You can configure cups and manage print jobs from a WEB browser with the following URI:
I use my Linux printer from my wife's laptop over my home LAN, so I have print sharing set up which opens ports 139 and 445. As much as I dislike any open ports, if I am to use my computer on my home LAN, a few are unavoidable. My router doubles as a hardware firewall, and I have been carefull to block these ports there.

Port 6000 is used by the X11 server. If you need to log in to your computer from a remote machine (perhaps via ssh) this is the port to use. Again, I do not allow remote log in so this port is closed here.



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Shorewall ignoring rules DeusExMichael Linux - Security 2 03-06-2007 02:20 PM
shorewall config question with /etc/shorewall/rules peter72 Linux - Networking 3 01-01-2007 09:33 PM
Shorewall .....rules or tos? matthewa Linux - Security 3 06-26-2005 01:57 PM
Shorewall ignores the rules? N3K0KUN Linux - Security 3 09-06-2004 02:48 PM
Shorewall policies + rules richlawson Linux - Networking 2 06-29-2003 11:35 AM > Forums > Linux Forums > Linux - Distributions > Mandriva

All times are GMT -5. The time now is 01:14 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration