Date: Tue, 11 Sep 2012 11:17:57 -0400 From: Brandon Allbery <allbery.b@gmail.com> To: Kimmo Paasiala <kpaasial@gmail.com> Cc: "Shiv. Nath" <prabhpal@digital-infotech.net>, "freebsd-stable@freebsd.org" <freebsd-stable@freebsd.org> Subject: Re: PF Configuration - FreeBSD Release 9.0 x64 Message-ID: <CAKFCL4U0am_h3svdzAQtTyHfWDfSKoSu1NyQwgaspY66CqCc%2BA@mail.gmail.com> In-Reply-To: <CA%2B7WWScLWHTP=hkFk9=-rYr=WNfY_oUDKqnka0qLEz_mZQA6tw@mail.gmail.com> References: <504EF33A.7080304@digital-infotech.net> <A41AC173-339A-49DB-9AAB-5079D6B1001C@my.gd> <CAKFCL4U8wN5vOZ7DRLLck5tpXFi9U_f=E8NSm7ieO-4TBqYHqQ@mail.gmail.com> <CA%2B7WWScLWHTP=hkFk9=-rYr=WNfY_oUDKqnka0qLEz_mZQA6tw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Sep 11, 2012 at 11:12 AM, Kimmo Paasiala <kpaasial@gmail.com> wrote: > On Tue, Sep 11, 2012 at 6:05 PM, Brandon Allbery <allbery.b@gmail.com> > wrote: > > On Tue, Sep 11, 2012 at 4:26 AM, Damien Fleuriot <ml@my.gd> wrote: > >> On 11 Sep 2012, at 10:15, "Shiv. Nath" <prabhpal@digital-infotech.net> > >> wrote: > >> It says it received a *response* so my understanding is *you* are trying > >> to connect. > > > > But it's avahi (a zeroconf implementation) so the response is to a > > broadcast; the remote machine in question may also be broadcasting. > > > > I would actually question why avahi is even enabled on a server; perhaps > > the correct answer is simply to disable it in rc.conf. > > You do know that avahi-daemon's main use is to advertise _services_ > running on a host? > Yes, but zeroconf-style services are often more of a peer-to-peer nature instead of fixed (which don't *need* zeroconf). It's also a larger attack surface. -- brandon s allbery allbery.b@gmail.com wandering unix systems administrator (available) (412) 475-9364 vm/sms
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAKFCL4U0am_h3svdzAQtTyHfWDfSKoSu1NyQwgaspY66CqCc%2BA>