[Bug 899330] New: Interfaces does not automatically show up in firewall with NetworkManager
http://bugzilla.opensuse.org/show_bug.cgi?id=899330 Bug ID: 899330 Summary: Interfaces does not automatically show up in firewall with NetworkManager Classification: openSUSE Product: openSUSE Factory Version: 201408* Hardware: x86-64 OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Network Assignee: bnc-team-screening@forge.provo.novell.com Reporter: razirazo_90@live.com.my QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- When using NetworkManager, network interfaces does not listed in firewall. I have to manually configure it using Wicked Service first, to make it registered in firewall. And then use networkManager back. This is troublesome, for example when setting up internet sharing you can't proceed to zone assign and Network masquerade until you do the step above. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=899330
Carlos Bessa
When using NetworkManager, network interfaces does not listed in firewall.
I have to manually configure it using Wicked Service first, to make it registered in firewall. And then use networkManager back.
This is troublesome, for example when setting up internet sharing you can't proceed to zone assign and Network masquerade until you do the step above.
I can also confirm this. One has to configure it manually in Wicked Service and then go back to networkmanager for the devices to appear in the firewall. If I recall correctly in desktops the wicked service is used by default (at least it was the case for ifup) so that won't be a problem. But for laptops the default is network manager so users will be unprotected. The firewall is turned on by default so I never crossed my mind to look it up, until I wanted the change the firewall zone for a particular network device. regards, Carlos -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=899330
Bernhard Wiedemann
http://bugzilla.opensuse.org/show_bug.cgi?id=899330
Bernhard Wiedemann
http://bugzilla.opensuse.org/show_bug.cgi?id=899330
David Liang
http://bugzilla.opensuse.org/show_bug.cgi?id=899330
Camilo Castillo
http://bugzilla.opensuse.org/show_bug.cgi?id=899330
Code Struct
http://bugzilla.opensuse.org/show_bug.cgi?id=899330
http://bugzilla.opensuse.org/show_bug.cgi?id=899330#c6
Dominique Leuenberger
Is this yast2 firewall that you use or are you directly editing /etc/sysconfig/SuSEfirewall2* ?
or does NetworkManager have its own?
Reprduced here - YaST Firewall module sees no interfaces when NM is being used (NM *can* work with firewalld, but that's by a long shot not default in openSUSE) This seems more a YaST issue than NetworkManager => reassigning -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=899330
Simcha Lerner
http://bugzilla.opensuse.org/show_bug.cgi?id=899330
http://bugzilla.opensuse.org/show_bug.cgi?id=899330#c7
Simcha Lerner
http://bugzilla.opensuse.org/show_bug.cgi?id=899330
http://bugzilla.opensuse.org/show_bug.cgi?id=899330#c12
Andrei Borzenkov
I am sorry, but the original bug, as Knut commented, was open against openSUSE 13 and the situation has changed quite a lot. Now firewalld is the firewall solution to go and it is the only supported solution by YaST. This problem does not happen in that case,
of course it does. YaST2 firewall module only shows interfaces for which wicked configuration exists. This is hidden by the fact that installer creates both wicked ifcfg and NM connection profile for interface used during installation so it /looks/ like it works. But any interface that does not have wicked configuration is "invisible" to YaST firewall module. As NetworkManager is now default and wicked is not even installed this is no more "enhancement" but a real bug. Reproduced on TW 20220603. See also https://forums.opensuse.org/showthread.php/570803-Yast-firewall-doesn-t-resp... -- You are receiving this mail because: You are on the CC list for the bug.
participants (2)
-
bugzilla_noreply@novell.com
-
bugzilla_noreply@suse.com