[Bug 1070080] SuSEFirewall2 block incoming DHCP
http://bugzilla.suse.com/show_bug.cgi?id=1070080
http://bugzilla.suse.com/show_bug.cgi?id=1070080#c9

--- Comment #9 from Matthias Gerstner <matthias.gerstner@suse.com> ---

SuSEfirewall2 does not support dynamic configuration via dbus or any other interface. We're in the process of switching the default firewall to firewalld. firewalld comes with a dbus interface. You can already install firewalld on OpenSUSE, but the integration into yast and wicked is not complete yet. This will only be part of the next major OpenSUSE Leap release.

But even with firewalld the question is how do you know when you need to open this port? Since the DHCP server is doing this on its own initiative I don't see how this can be achieved. Maybe the DHCP server does advertise use of this extension. In this case the dhcp client could dynamically open the port in question. But I can't find any information relating to that.

It is also a question about how the DHCP client behaves, like I've already mentioned in comment 4. When the DHCP client uses raw sockets for receiving the DHCP messages then the firewall is circumvented anyways.

It seems you have a rare setup where the DHCP server uses this specific renewal extension and your DHCP client uses a regular UDP socket for receiving unicast messages from the server. I suggest you stick to the static firewall configuration for making it work.

(In reply to matwey.kornilov@gmail.com from comment #8)
> Indeed, this works.
> But is there a more generic way? Probably, dhclient or wicked could ask the firewall by dbus?