[Bug 729793] New: TFTP server doesn't provide support for SuSEfirewall2
https://bugzilla.novell.com/show_bug.cgi?id=729793 https://bugzilla.novell.com/show_bug.cgi?id=729793#c0 Summary: TFTP server doesn't provide support for SuSEfirewall2 Classification: openSUSE Product: openSUSE 12.1 Version: RC 2 Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: puzel@suse.com ReportedBy: locilka@suse.com QAContact: qa@suse.de CC: mvidner@suse.com Found By: Development Blocker: --- I came across this article about configuring TFTP http://sellingfreesoftwareforaliving.blogspot.com/2011/11/install-and-config... and it says that it needs some manual steps in configuring firewall to make it work. Hard to say whether TFTP server actually ever did provide that support, but YaST configuration module expects that it does. SuSEfirewall2 provides quite interesting feature: Any package can define its own set of firewall rules needed for itself to work behind firewall. More info here: http://kobliha-suse.blogspot.com/2008/06/firewall-services-defined-by-packag... I believe it would be enough include a new file /etc/sysconfig/SuSEfirewall2.d/services/tftp in the tftp package: --- cut --- ## Name: TFTP Server ## Description: Opens ports for tftp service. # space separated list of allowed UDP ports UDP="tftp" --- cut --- Please, correct me if more ports are needed. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=729793 https://bugzilla.novell.com/show_bug.cgi?id=729793#c Petr Uzel <puzel@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|puzel@suse.com |vcizek@suse.com -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=729793 https://bugzilla.novell.com/show_bug.cgi?id=729793#c1 Vitezslav Cizek <vcizek@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO CC| |vcizek@suse.com InfoProvider| |locilka@suse.com --- Comment #1 from Vitezslav Cizek <vcizek@suse.com> 2011-11-11 17:08:24 CET --- I packaged the firewall rules as you suggested. However, when I launch the Yast tftp module and check "Open port in firewall", I still don't see port 69 listed among the allowed services/ports. In Yast log I find lines like this: [YCP] SuSEFirewall.ycp:2046 Undefined service 'tftp' or [YCP] SuSEFirewallServices.ycp:538 Uknown service 'tftp' Despite tftp being listed among the known services right bellow: "service:tftp":$["broadcast_ports":[], "description":"Opens ports for tftp ser vice.", "ip_protocols":[], "name":"TFTP Server", "rpc_ports":[], "tcp_ports":[], "udp_ports":["tftp"]] Do you have any ideas what could go wrong? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=729793 https://bugzilla.novell.com/show_bug.cgi?id=729793#c2 Lukas Ocilka <locilka@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW InfoProvider|locilka@suse.com | --- Comment #2 from Lukas Ocilka <locilka@suse.com> 2011-11-14 13:32:58 UTC --- Well, "service:tftp" != "tftp" --> YaST code needs to be changed too. BTW, even if you allow TFTP service in firewall, you will still unable to see port 69 open in YaST Firewall (but you will be able to see it in iptables list). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=729793 https://bugzilla.novell.com/show_bug.cgi?id=729793#c3 Martin Vidner <mvidner@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO InfoProvider| |locilka@suse.com --- Comment #3 from Martin Vidner <mvidner@suse.com> 2011-11-14 15:48:59 CET --- Do you mean that this line should be changed to read "service:tftp"? http://svn.opensuse.org/viewvc/yast/trunk/tftp-server/src/dialogs.ycp?view=markup&pathrev=64460#l85 Then I don't understand why anything needed to be changed in the first place. SuSEFirewallServices.ycp does contain "udp_ports" : [ "tftp" ]. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=729793 https://bugzilla.novell.com/show_bug.cgi?id=729793#c4 Lukas Ocilka <locilka@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW InfoProvider|locilka@suse.com | --- Comment #4 from Lukas Ocilka <locilka@suse.com> 2011-11-15 12:46:16 UTC --- SuSEFirewallServices.ycp contains obsolete services maintained by this YCP module. Definition mentioned above is used only for converting old settings to new ones. This conversion is now obsolete as well as it's been done already. Anyway, if YaST TFTP Server wants to modify the firewall with CWM functionality, it has to use some service that exists and thats "service:tftp" -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=729793 https://bugzilla.novell.com/show_bug.cgi?id=729793#c5 --- Comment #5 from Lukas Ocilka <locilka@suse.com> 2011-11-15 12:49:00 UTC --- Additional info: service:$name has been added years ago to replace the old built-in services defined in SuSEFirewallServices YCP module. These old definitions have been already dropped. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=729793 https://bugzilla.novell.com/show_bug.cgi?id=729793#c6 Vitezslav Cizek <vcizek@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO InfoProvider| |mvidner@suse.com --- Comment #6 from Vitezslav Cizek <vcizek@suse.com> 2011-11-21 15:03:34 CET --- I think my part is done here. Martin, should I assign this bug to you? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=729793 https://bugzilla.novell.com/show_bug.cgi?id=729793#c7 Lukas Ocilka <locilka@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P3 - Medium Status|NEEDINFO |NEW InfoProvider|mvidner@suse.com | AssignedTo|vcizek@suse.com |locilka@suse.com --- Comment #7 from Lukas Ocilka <locilka@suse.com> 2011-11-21 14:41:38 UTC --- I'll fix that in Factory... In which version (tftp) has it been implemented? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=729793 https://bugzilla.novell.com/show_bug.cgi?id=729793#c8 --- Comment #8 from Vitezslav Cizek <vcizek@suse.com> 2011-11-21 15:58:51 CET --- I'll fixed it in devel project only, yet. So Factory. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=729793 https://bugzilla.novell.com/show_bug.cgi?id=729793#c9 Lukas Ocilka <locilka@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED --- Comment #9 from Lukas Ocilka <locilka@suse.com> 2011-11-25 10:23:05 UTC --- Fixed in Factory, yast2-tftp-server 2.22.1 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=729793 https://bugzilla.novell.com/show_bug.cgi?id=729793#c10 --- Comment #10 from Bernhard Wiedemann <bwiedemann@suse.com> 2011-11-25 12:00:12 CET --- This is an autogenerated message for OBS integration: This bug (729793) was mentioned in https://build.opensuse.org/request/show/93601 Factory / yast2-tftp-server -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=729793 https://bugzilla.novell.com/show_bug.cgi?id=729793#c11 Lukas Ocilka <locilka@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |rysic@vp.pl --- Comment #11 from Lukas Ocilka <locilka@suse.com> 2012-08-01 14:30:15 UTC --- *** Bug 609413 has been marked as a duplicate of this bug. *** http://bugzilla.novell.com/show_bug.cgi?id=609413 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=729793 https://bugzilla.novell.com/show_bug.cgi?id=729793#c Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard| |maint:running:48899:low -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=729793 https://bugzilla.novell.com/show_bug.cgi?id=729793#c12 --- Comment #12 from Bernhard Wiedemann <bwiedemann@suse.com> 2012-09-13 12:00:29 CEST --- This is an autogenerated message for OBS integration: This bug (729793) was mentioned in https://build.opensuse.org/request/show/134139 Factory / atftp -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=729793 https://bugzilla.novell.com/show_bug.cgi?id=729793#c Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:48899:low |maint:running:48899:low | |maint:running:49006:moderat | |e -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=729793 https://bugzilla.novell.com/show_bug.cgi?id=729793#c13 Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:48899:low |maint:running:48899:low |maint:running:49006:moderat |maint:running:49006:moderat |e |e | |maint:released:sle11-sp2:49 | |033 --- Comment #13 from Swamp Workflow Management <swamp@suse.de> 2012-09-13 20:44:59 UTC --- Update released for: tftp, tftp-debuginfo, tftp-debugsource Products: SLE-DEBUGINFO 11-SP2 (i386, ia64, ppc64, s390x, x86_64) SLE-DESKTOP 11-SP2 (i386, x86_64) SLE-SERVER 11-SP2 (i386, ia64, ppc64, s390x, x86_64) SLES4VMWARE 11-SP2 (i386, x86_64) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=729793 https://bugzilla.novell.com/show_bug.cgi?id=729793#c Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:48899:low |maint:running:49006:moderat |maint:running:49006:moderat |e |e |maint:released:sle11-sp2:49 |maint:released:sle11-sp2:49 |033 |033 | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=729793 https://bugzilla.novell.com/show_bug.cgi?id=729793#c14 Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:49006:moderat |maint:running:49006:moderat |e |e |maint:released:sle11-sp2:49 |maint:released:sle11-sp2:49 |033 |033 | |maint:released:sle11-sp2:49 | |242 --- Comment #14 from Swamp Workflow Management <swamp@suse.de> 2012-09-24 18:17:27 UTC --- Update released for: atftp, atftp-debuginfo, atftp-debugsource Products: SLE-DEBUGINFO 11-SP2 (i386, ia64, ppc64, s390x, x86_64) SLE-SERVER 11-SP2 (i386, ia64, ppc64, s390x, x86_64) SLES4VMWARE 11-SP2 (i386, x86_64) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com