https://bugzilla.novell.com/show_bug.cgi?id=712670

https://bugzilla.novell.com/show_bug.cgi?id=712670#c0

Summary: Problem with FW_SERVICES_ACCEPT_EXT in /etc/sysconfig/SuSEfirewall2
Classification: openSUSE
Product: openSUSE 11.4
Version: Final
Platform: x86-64
OS/Version: openSUSE 11.4
Status: NEW
Severity: Normal
Priority: P5 - None
Component: YaST2
AssignedTo: bnc-team-screening@forge.provo.novell.com
ReportedBy: f.de.kruijf@gmail.com
QAContact: jsrain@novell.com
Found By: ---
Blocker: ---

User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:6.0) Gecko/20100101 Firefox/6.0

I have the following 3 lines in /etc/sysconfig/SuSEfirewall2:

FW_SERVICES_ACCEPT_EXT="0.0.0.0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh 127.0.0.0/8,tcp,mysql 192.168.1.0/24,tcp,3080 192.168.1.0/24,tcp,3493"

The first two lines are in fact one line.

At a certain moment, I can relate it to a YaST session, these lines are changed into:

hitcount="3,blockseconds=60,recentname=ssh"
FW_SERVICES_ACCEPT_EXT="0.0.0.0/0,tcp,22,, 127.0.0.0/8,tcp,mysql 192.168.1.0/24,tcp,3080 192.168.1.0/24,tcp,3493"

so the first line above is moved out of the FW_SERVICES_ACCEPT_EXT definition. This effectively disables what should be achieved, limiting the amount of ssh tcp sessions to 3 per minute from one IP address.

# ls -l /etc/sysconfig/SuSEfirewall2
-rw-r--r-- 1 root root 34590 Aug 14 22:25 /etc/sysconfig/SuSEfirewall2

shows the date of last change of that file

# zcat /var/log/YaST2/y2log-1.gz | grep SuSEfirewall | grep '14 22'
2011-08-14 22:25:08 <1> eik114(5855) [YCP] Service.ycp:403 Enabling service SuSEfirewall2_init
2011-08-14 22:25:08 <1> eik114(5855) [YCP] Service.ycp:403 Enabling service SuSEfirewall2_setup

shows YaST activity at that moment.

Reproducible: Sometimes

Steps to Reproduce:
1. Don't know
2.
3.

Expected Results:
The line in SuSEfirewall2 should be left alone

It happened several times earlier, but had the file SuSEfirewall2 changed before I could relate it to something happening at that moment.

Below is the last line of a zypper session shown in the file /var/log/zypper.log

2011-08-14 22:25:02 <1> eik114(5631) [zypp] ZYppFactory.cc(~ZYppGlobalLock):90 Lockfile cleaned. (5631)

So a few seconds before zypper ended.
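
Added example, not part of the original report and not code from SuSEfirewall2 or YaST: a small check that parses the sysconfig text and reports when the rate-limit flags on the ssh entry have gone missing, as in the changed file quoted above. The function names and the two sample strings are constructed for illustration; entries are assumed to follow the net,protocol[,dport[,sport[,flags]]] layout with the port written as 22.

```python
import re

# Constructed samples: the two states of the file quoted in the report.
GOOD = '''FW_SERVICES_ACCEPT_EXT="0.0.0.0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh 127.0.0.0/8,tcp,mysql 192.168.1.0/24,tcp,3080 192.168.1.0/24,tcp,3493"
'''
MANGLED = '''hitcount="3,blockseconds=60,recentname=ssh"
FW_SERVICES_ACCEPT_EXT="0.0.0.0/0,tcp,22,, 127.0.0.0/8,tcp,mysql 192.168.1.0/24,tcp,3080 192.168.1.0/24,tcp,3493"
'''

# NAME="value" at the start of a line; the quoted value may span several lines.
ASSIGN = re.compile(r'^([A-Za-z_][A-Za-z0-9_]*)="([^"]*)"', re.M)
FLAG_KEYS = {"hitcount", "blockseconds", "recentname"}

def parse_sysconfig(text):
    """Return {NAME: value} for every NAME="value" assignment in the text."""
    return {m.group(1): m.group(2) for m in ASSIGN.finditer(text)}

def parse_accept_ext(value):
    """Split whitespace-separated entries into net/proto/dport/sport/flags."""
    entries = []
    for item in value.split():
        f = item.split(",")
        f += [""] * (4 - len(f))  # pad entries that omit dport or sport
        flags = dict(x.split("=", 1) for x in f[4:] if "=" in x)
        entries.append({"net": f[0], "proto": f[1], "dport": f[2],
                        "sport": f[3], "flags": flags})
    return entries

def audit(text, port="22"):
    """Report a rate-limited port that lost its limits, and stray flag variables."""
    conf = parse_sysconfig(text)
    findings = []
    for e in parse_accept_ext(conf.get("FW_SERVICES_ACCEPT_EXT", "")):
        if e["dport"] == port and not {"hitcount", "blockseconds"} <= set(e["flags"]):
            findings.append(f"{e['net']},{e['proto']},{port}: no hitcount/blockseconds")
    # A flag name appearing as its own variable means it was split out of the list.
    for name in sorted(conf.keys() & FLAG_KEYS):
        findings.append(f"stray top-level variable {name}={conf[name]!r}")
    return findings

if __name__ == "__main__":
    for label, text in (("good", GOOD), ("mangled", MANGLED)):
        print(label, audit(text))
```

Run against the real file with audit(open("/etc/sysconfig/SuSEfirewall2").read()), for example after each YaST or zypper session, to catch the rewrite before the firewall is next reloaded.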