[sle-beta] Firewall related questions and issues
Radoslav Tsvetkov
rtsvetkov at suse.com
Thu Feb 8 03:39:49 MST 2018
thanks,
but I'll say _open Bug for every separate topic. Some of the topics
have different priorities, and we can improve more gradually. Other are
must.
On Thu, 2018-02-08 at 11:18 +0100, Vincent Moutoussamy wrote:
> Hi,
>
>
> > > > On 6 Feb 2018, at 17:46, Beddingfield, Allen <allen at ua.edu> wrote:
> > > > > > So, I've been testing the various betas of SLES 15 like the rest of
you, and for the most part, I've seen no problems that haven't
already been discussed and/or resolved.
> >
> > > > > > > > However, I would like to discuss the firewall situation. I was
under the impression early on that a SUSE-specific Yast module (as
we currently have on previous versions) would be added later for
managing firewalld? Is that not the case?
> > > > > > As it stands now, the tui version of Yast gives an error to the
effect that you must use the gui version. The gui version loads
the same utility that Red Hat uses.
> > > > > > Not having a more-intuitive-than-the-competition SUSE-specific
Yast module doesn't seem very "SUSE-like". If one exists for
iptables, it seems like one could exist for firewalld?
> > > > > > > > > > I do extensive custom rules (192.168.0.1/24 allowed on tcp 22,
192.168.1.5 allowed on tcp 678, and on and on). While I've easily
figured out how to do that with firewall-cmd and "--add-rich-rule",
it is nice to have the tui interface to enter "custom rules" as we
do now.
> > > > > > > > Also, how well are all of those rules going to get converted over
in a 12.x to 15.x upgrade? I will have to attempt an upgrade to
give that a go and see for myself. I have systems with 50+ "Custom
Rules" defined
> >
> > > > I believe this issue has been brought up before as being still in
process, but I will mention it:
> >
> > > > > > While we are on the topic of the firewall, I notice that if I go
into "yast nfs-server", where you would normally select to open the
ports, there is the following message:
> >
> > "Firewall not configurable"
> > * nfs-kernel-server (Not available)
> > "You need to defined them to be able to configure the firewall."
> >
> > Possible typo - ("defined should probably also be "define" )
> >
> > > > "yast samba-server" yields the same error, but with * samba-server,
* netbios-server, and * samba client
> >
> > Allen B.
> >
> Thanks for your feedback!
> > It is still true that firewalld and the YaST adaptation are still
Work In
> > Progress. I would suggest to open bug reports on the matter that is
most
> > important for you, so we can keep track of the progress and provide
more details
> information if needed.
>
> We should cover the firewalld and YaST changes in
> > https://www.suse.com/releasenotes/x86_64/SUSE-SLES/15/ in the
future.
>
> Regards,
> --
> Vincent Moutoussamy
> SUSE Beta Program and SDK Project Manager
>
>
>
> _______________________________________________
> sle-beta mailing list
> sle-beta at lists.suse.com
> http://lists.suse.com/mailman/listinfo/sle-beta
--
Best regards, Cordialement, Mit freundlichen Grüßen, 敬具
Radoslav Tsvetkov
Project Manager, SLE
SUSE Linux
Maxfeldstr. 5, D-90409 Nürnberg, Germany
Phone: +49 911 740 53-110
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.suse.com/pipermail/sle-beta/attachments/20180208/416b4008/attachment.htm>
More information about the sle-beta
mailing list