Bug 105434

Summary: SUSE Firewall: Simple option to let smb browsing information pass
Product: [openSUSE] SUSE LINUX 10.0 Reporter: Tobias Burnus <burnus>
Component: BasesystemAssignee: Ludwig Nussel <lnussel>
Status: RESOLVED WONTFIX QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P5 - None    
Version: Beta 2   
Target Milestone: ---   
Hardware: Other   
OS: All   
Whiteboard:
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Tobias Burnus 2005-08-18 09:15:37 UTC 
I think this frequently occures: One is in a LAN which one not completely
trusts, does not want to offer any resources to the network, but would like to
browse in Konquorer using smb:/.

Currently, one has to dig deep to find this information - or one "simply"
disables the firewall. (If one already knows the name of the remote computer,
one can simply enter that one, but for browsing - ie seeing which Windows shares
are available - the default firewall blocks those.)

Expected: A simple option to accept those broadcasts. It increases the Desktop
feeling a lot, especially if most packages are still blocked ;)
Comment 1 Ludwig Nussel 2005-08-18 10:13:12 UTC 
client side smb browsing happens on arbitrary ports. You'd have to open udp  
1024: for that. broadcast replies are neither considered ESTABLISHED nor  
RELATED by netfilter so you'd really open the ports completely. see also  
#81254, I can't do anything about it atm. Broadcasts and untrusted networks 
just don't fit.