|
Bugzilla – Full Text Bug Listing |
| Summary: | YaST shows "Firewall is disabled" even when it is running | ||
|---|---|---|---|
| Product: | [openSUSE] SUSE Linux 10.1 | Reporter: | Johannes Meixner <jsmeix> |
| Component: | YaST2 | Assignee: | Lukas Ocilka <locilka> |
| Status: | RESOLVED INVALID | QA Contact: | Edith Parzefall <eparzefall> |
| Severity: | Major | ||
| Priority: | P5 - None | CC: | fs, scott |
| Version: | Beta 1 | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Found By: | Development | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
|
Description
Johannes Meixner
2006-01-26 14:26:35 UTC
The bug was initially shown by Frank Sundermeyer to me. Added The opposite is also wrong: When the SuSEfirewall2 is "insserverd" caps:~ # find /etc/init.d/ | grep -i fire /etc/init.d/boot.d/S08SuSEfirewall2_init /etc/init.d/boot.d/K14SuSEfirewall2_init /etc/init.d/rc3.d/S21SuSEfirewall2_setup /etc/init.d/rc3.d/K01SuSEfirewall2_setup /etc/init.d/rc4.d/S21SuSEfirewall2_setup /etc/init.d/rc4.d/K01SuSEfirewall2_setup /etc/init.d/rc5.d/S21SuSEfirewall2_setup /etc/init.d/rc5.d/K01SuSEfirewall2_setup /etc/init.d/SuSEfirewall2_init /etc/init.d/SuSEfirewall2_setup but it is currently not running: caps:~ # rcSuSEfirewall2 stop caps:~ # rcSuSEfirewall2 status Checking the status of SuSEfirewall2 unused then in the YaST printer module shows (at the same screen as above) for example "Firewall port is closed" which is wrong because all ports are actually open for all interfaces in all network zones when no Firewall is running at all. For me this wrong information looks like a major bug because the user thinks he is protected but in fact he is totally unprotected. CWMFirewall interface can handle only two states: Enabled / Disabled. When the firewall is not enabled, but running, CWMFirewall consider the SuSEfirewall2 disabled because, it fact, it IS disabled. If user has running firewall but it is disabled in the init scripts, it must have been started manually and that user has to set it up aslo manually (or using yast2-firewall) Summarization: Firewall can be: Running / Not Running Firewall can be: Enabled / Disabled If user starts firewall manually, CWMFirewall takes hands off. It seems to be not true that "If user starts firewall manually, CWMFirewall takes hands off." If it was true why is there still the Firewall stuff active in the printer module when it is not "insserverd" but running? In particular why is there a checkbox regarding Firewall settings active when "CWMFirewall takes hands off"? Is this a bug in the printer module? You probably don't understand me correctly. Typical user enables the firewall and it just runs. Then it also offers to itself to be configured via CWMFirewallAnything. If user enables the firewall but then he stops it, Firewall is still considered to be enabled and vice versa. If you want to play with the firewall, run `yast2 firewall`. In fact, this problem is here just because init scripts were broken in Beta1 and SuSEfirewall2_* scripts couldn't have been enabled unless used --force function. Thanks for clarification. By the way: At least Frank also didn't understand the underlying logic ;-) *** Bug 146614 has been marked as a duplicate of this bug. *** *** Bug 191461 has been marked as a duplicate of this bug. *** |