[Bug 272391] New: Yast2 firewall : No option to configure (default) reject configuration
https://bugzilla.novell.com/show_bug.cgi?id=272391 Summary: Yast2 firewall : No option to configure (default) reject configuration Product: SUSE Linux 10.1 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Enhancement Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: s.handgraaf@xs4all.nl QAContact: qa@suse.de Yast2 firewall allows users to configure the SuSEfirewall2 via a gui. Although many configuration options have been implemented, there is yet no function to configure the firewall for the (default) reject option like FW_SERVICES_REJECT_EXT. Users may think the system responds only to configured allowed service, yet there is the reject option that is used in at least one case for the firewall by default. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=272391 lnussel@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|security-team@suse.de |locilka@novell.com ------- Comment #1 from lnussel@novell.com 2007-05-09 01:13 MST ------- feature request for yast2 ui -> Lukas -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=272391 locilka@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED ------- Comment #2 from locilka@novell.com 2007-05-09 02:58 MST ------- ## Type: string ## Default: 0/0,tcp,113 # # Packets to silently reject without log message. Common usage is # TCP port 113 which if dropped would cause long timeouts when # sending mail or connecting to IRC servers. # # Format: space separated list of net,protocol[,dport][,sport] # Example: "0/0,tcp,113" # # The special value _rpc_ is recognized as protocol and means that dport is # interpreted as rpc service name. See FW_SERVICES_EXT_RPC for # details. # FW_SERVICES_REJECT_EXT="0/0,tcp,113" Hmm, this quite an expert feature. I'll have to think about hiding it under some [Advanced...] button ;) Adding it as just another tree tab (into the left-side menu) might confuse common users. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=272391 locilka@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |LATER ------- Comment #3 from locilka@novell.com 2007-06-05 10:03 MST ------- Added as a new feature request into the FATE tool: #302355: YaST Firewall - Support for configuring FW_SERVICES_REJECT_* in UI closing as LATER for now. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=272391
User coolo@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=272391#c4
Stephan Kulow
https://bugzilla.novell.com/show_bug.cgi?id=272391
User coolo@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=272391#c5
--- Comment #5 from Stephan Kulow
https://bugzilla.novell.com/show_bug.cgi?id=272391
User coolo@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=272391#c6
--- Comment #6 from Stephan Kulow
https://bugzilla.novell.com/show_bug.cgi?id=272391
User coolo@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=272391#c7
Stephan Kulow
participants (1)
-
bugzilla_noreply@novell.com