On Mon, 2005-02-14 at 00:33 +0100, Michal J. Gajda wrote:
Package: fireflier-client-kde Version: 1.1.5-1 Severity: minor
It is pretty irritating to must have every connection to be accepted both from initiator and accepting side. It is also a bit of GUI haggle, as it is hard to notice what the option about connection tracking concerns. (I've been trying to switch it on for all packets, but without success.)
the behaviour of fireflier regarding connection tracking should be correct as far as i know up to now. You can verify this by checking the rules which are inserted. there should be a matching rule for the opposite direction which includes --state RELATED,ESTABLISHED. This accepts all packets belonging to an active connection.
The problem is that it works just for ESTABLISHED. RELATED connections usually concern different ports, so it is not enough to just accept the same connections. (Maybe just have an option to ACCEPT all RELATED?)
Whenever you have a packet in the OUTPUT chain, which is of the protocol UDP or TCP you should be able to add a connection tracking rule. I will try to make this thing a little more clear with the next version of fireflier. Anyways this next version might take some time, as development is not very active at the moment. (limited time)
thanks for reporting this issues. if you have further questions feel free to ask.
--
Pozdrawiam
Michal J. Gajda
begin:vcard fn;quoted-printable:Micha=C5=82 J. Gajda n;quoted-printable:Gajda;Micha=C5=82 J. org:Internation Institute of Molecular and Cell Biology;Laboratory of Bioinformatics and Protein Engineering adr:;;Trojdena 4;Warsaw;;02-109;Poland email;internet:[EMAIL PROTECTED] title:Senior Research Assistant x-mozilla-html:FALSE url:http://genesilico.pl version:2.1 end:vcard
signature.asc
Description: OpenPGP digital signature
