989145 – document firewall behaviour for "no zone assigned"

Bug 989145 - document firewall behaviour for "no zone assigned"

Summary: document firewall behaviour for "no zone assigned"

Status:	RESOLVED FIXED

Alias:	None

Product:	openSUSE Distribution
Classification:	openSUSE
Component:	Documentation (show other bugs)
Version:	Leap 42.1
Hardware:	Other Other

Priority:	P5 - None Severity: Normal (vote)
Target Milestone:	---
Assignee:	Frank Sundermeyer
QA Contact:	Frank Sundermeyer

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2016-07-15 10:42 UTC by Joachim Wagner
Modified:	2017-05-09 10:54 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Joachim Wagner 2016-07-15 10:42:44 UTC

The documentation should say what firewall rules apply when an interface is assigned to the zone "No zone assigned".

The following discussions and my own observations suggest that currently the behaviour is the same as if the interface is assigned to the zone "External Zone":

https://forums.opensuse.org/showthread.php/518486-In-Yast-no-zone-assigned-to-interface-in-firewall-which-firewall-rules-apply

bug #931152

The above forum discussion shows that some users wrongly assume that the "No zone" is always closed, allowing only outgoing connections. If this zone is then used for the public network and the external zone for a more secure but still not fully trusted network, this opens up security issues.

Comment 1 Dmitri Popov 2017-05-09 10:54:53 UTC

Fiyed in https://github.com/SUSE/doc-sle/pull/137