[Bug 1185201] New: firewalld enhancement
http://bugzilla.opensuse.org/show_bug.cgi?id=1185201 Bug ID: 1185201 Summary: firewalld enhancement Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Other Assignee: screening-team-bugs@suse.de Reporter: jshand2013@gmail.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- on a opensuse tumbleweed or leap system i have noticed, that, when you comletely disable ipv6 from yast2 network, firewalld still continues to configure ipv6 rules even though your system isn't using ipv6 could this please be looked at. it just seems strange -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1185201 http://bugzilla.opensuse.org/show_bug.cgi?id=1185201#c1 --- Comment #1 from John Shand <jshand2013@gmail.com> --- thanks for the awesome work on firewalld, you have seriously reduced the number of rule written to the rules file. Just wondering, is there a way to turn off ipv6 rules if in yast2 network ipv6 has been turned off? if you don't use ipv6 on a system, it seems pointless to have those rules written. also, if the administrator was to turn on ipv6 again, the ipv6 rules would also need to be written. This could streamline firewalld's resource use -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1185201 http://bugzilla.opensuse.org/show_bug.cgi?id=1185201#c2 --- Comment #2 from John Shand <jshand2013@gmail.com> --- i have seen that in input, output and forward there are still ipv6 rules written in there. i have ipv6 turned off and it makes no sense to have ipv6 rules applied -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1185201 http://bugzilla.opensuse.org/show_bug.cgi?id=1185201#c3 --- Comment #3 from John Shand <jshand2013@gmail.com> --- Just a thought. would it be possible to add functionality for yast2-firewall module to set rate limiting ie ssh port or any other port that you configure?? -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1185201 http://bugzilla.opensuse.org/show_bug.cgi?id=1185201#c4 John Shand <jshand2013@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |INVALID --- Comment #4 from John Shand <jshand2013@gmail.com> --- upon reflection, this could introduce security holes. -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com