[Bug 475384] New: Public NTP Cannot be Cconfigured as the GUI will Not Retain Firewall as Open
https://bugzilla.novell.com/show_bug.cgi?id=475384 Summary: Public NTP Cannot be Cconfigured as the GUI will Not Retain Firewall as Open Classification: openSUSE Product: openSUSE 11.1 Version: Final Platform: x86-64 OS/Version: openSUSE 11.1 Status: NEW Severity: Major Priority: P5 - None Component: YaST2 AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: alpha096@virginbroadband.com.au QAContact: jsrain@novell.com Found By: --- User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-GB; rv:1.9.0.6) Gecko/2009012700 SUSE/3.0.6-0.1.2 Firefox/3.0.6 During configuration of a Public NTP Server the Firewall is checked as open. The open check does not hold and the NTP Server will always be unreachable.
From the List of pre-configured services it would appear that many services have not been included.
It is not clear if you add a service IP in Advanced tab and the Firewall Converts it to a known Service Name - Example - If I include TCP/UDP 53 in Advanced Tab the DBS Service description will not be added. This was the case in 10.3 - If you entered a well known service less than 1024 in advanced - the corresponding service name was usually entered. I tested TCP/UDP 53 in Advanced and It would have added the service name DNS Services under 10.3. It appears that all the Service name defaults are missing and the table of service names that link a port number os also missing. Reproducible: Always Steps to Reproduce: 1.Open NTP Services in Yast 2.Open Firewall check box 3.Finish and close - On re-opening of service the check box is no longer present Actual Results: Firewall has no NTP Services added when the NTP server was configured and Firewall Check box selected Expected Results: The Corresponding Service Name should be added to Allowed Services automatically by checking the Firewall Box on NTP Services -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=475384 User jsrain@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=475384#c1 Jiri Srain <jsrain@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team-screening@forge.pr |mvidner@novell.com |ovo.novell.com | --- Comment #1 from Jiri Srain <jsrain@novell.com> 2009-02-18 07:57:07 MST --- Is reproducible here. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=475384 User alpha096@virginbroadband.com.au added comment https://bugzilla.novell.com/show_bug.cgi?id=475384#c2 Scott Couston <alpha096@virginbroadband.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |alpha096@virginbroadband.co | |m.au --- Comment #2 from Scott Couston <alpha096@virginbroadband.com.au> 2009-02-18 13:45:04 MST --- I think there is more to this than meets the eye - I cannot get it to work if I stop the firewall altogether - What service is the front end NTP Service calling for?????? I dont think its NTP or NNTP -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=475384 User mvidner@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=475384#c3 Martin Vidner <mvidner@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |DUPLICATE --- Comment #3 from Martin Vidner <mvidner@novell.com> 2009-02-20 03:00:53 MST --- Concerning NTP port not getting open, that is a duplicate of bug 468405 and bug 476951 (two different bugs having the same effect, yay!). (Those bugs are not public yet, I'll fix that.) Concerning the example with port 53, that is something completely different for a separate report. Concerning comment 2: I don't understand. Please open a new report and describe the steps to reproduce and the actual and expected results. Also attach the logs. *** This bug has been marked as a duplicate of bug 476951 *** https://bugzilla.novell.com/show_bug.cgi?id=468405 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=475384 User alpha096@virginbroadband.com.au added comment https://bugzilla.novell.com/show_bug.cgi?id=475384#c4 Scott Couston <alpha096@virginbroadband.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|DUPLICATE | --- Comment #4 from Scott Couston <alpha096@virginbroadband.com.au> 2009-02-20 07:04:26 MST --- Unreal it works sort of I see the online update has changed an option in NTP Services Security tab "Restrict NTP Services to Configured Services Only" Its a bit unclear are you wanting this to be checked by either public or local NTP Server - Not quite sure? I cannot get ANY Public NTP Server to respond correctly with default options but it works fine with a Local One. The Firewall is only written to the allowed services once the NTP config, including servers, Broadcasts etc, when it is finalized. This creates a huge BUG I reported in bug 442475 which still is not fixed - if the user does not test the NTP Server and it does not work and the user just hits finish - they are going to wait a very long time I can see it works perfectly for Local Servers but not Public ones - Sorry to break the bad news after so much info has come from different errors with NTP to just enable this fix :-( Re-Open - If you would like to keep this in bug 476951 please feel free to close this as dupe again or visa versa :-( -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=475384 User alpha096@virginbroadband.com.au added comment https://bugzilla.novell.com/show_bug.cgi?id=475384#c5 --- Comment #5 from Scott Couston <alpha096@virginbroadband.com.au> 2009-02-21 16:35:27 MST --- RE #1 Ports should read NTP is TCP/UDP 123 NOT 53 - As TCP/UDP 53 is DNS-ALL AND NNTP is TCP 119 - Sorry about that -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=475384 User alpha096@virginbroadband.com.au added comment https://bugzilla.novell.com/show_bug.cgi?id=475384#c6 --- Comment #6 from Scott Couston <alpha096@virginbroadband.com.au> 2009-02-24 18:57:36 MST --- Still confirm that it is not possible to establish a public NTP Server and have it respond as reachable - firewall or not - that part is now a non issue. Point is back to original title - I cannot create a Public NTP Server that is reachable and syncs time - All report as unreachable or did not respond. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=475384 User alpha096@virginbroadband.com.au added comment https://bugzilla.novell.com/show_bug.cgi?id=475384#c7 Scott Couston <alpha096@virginbroadband.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Public NTP Cannot be |ANY Public NTP Server |Cconfigured as the GUI will |Cannot be Configured to |Not Retain Firewall as Open |Synchronize PC system in | |Both 11.0 and 11.1 Severity|Major |Critical --- Comment #7 from Scott Couston <alpha096@virginbroadband.com.au> 2009-02-27 14:55:01 MST --- Correct Title as Firewall error has been fixed but the problem still remains - Edit Title - Change Priority -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=475384 User alpha096@virginbroadband.com.au added comment https://bugzilla.novell.com/show_bug.cgi?id=475384#c8 Scott Couston <alpha096@virginbroadband.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution| |DUPLICATE --- Comment #8 from Scott Couston <alpha096@virginbroadband.com.au> 2009-02-28 16:38:08 MST --- Duplicate *** This bug has been marked as a duplicate of bug 476298 *** https://bugzilla.novell.com/show_bug.cgi?id=476298 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com