Knut Alejandro Anderssen Gonz���lez changed bug 1184457
What Removed Added
CC   kanderssen@suse.com, mail@georg-pfuetzenreuter.net
Flags   needinfo?(mail@georg-pfuetzenreuter.net)

Comment # 1 on bug 1184457 from 
As commented on IRC firewalld have some predefine zones:

https://firewalld.org/documentation/zone/predefined-zones.html


Each zone defines a set of services or ports to be open and for modifying the
defaults the attribute has to be declared:

With the new parser giving a empty list should be enough like <services
config:type="list"> but with old parser empty or nil values are removed from
the profile during the first stage so, during the second stage it looks like
not declared from firewall auto client POV:


For this bug in particular a workaround could be used:

      <firewall>
        <zones config:type="list">
          <zone>
            <name>public</name>
            <interfaces config:type="list">
              <interface>eth0</interface>
            </interfaces>
            <services config:type="list">
              <service>[!CDATA[]]</service>
            </services>
            <ports config:type="list">
              <port>8080/tcp</port>
              <port>9090/udp</port>
            </ports>
          </zone>
        </zones>
      </firewall>

But take into account that if the profile is modified more than once it will be
removed at same point so it is not a general solution.

For a general solution (that works in any Leap15.X version) would be better to
remove the services using an script.

Could you try it?, although it is not perfect doing any change to the parser
for Leap15.2 could be a bad idea

You are receiving this mail because: