Hi!
I mean whether all ports specified in the SuSEfirewall2 configs are correctly reflected in firewalld configs
I can check the missing ones. And if they're needed anymore at all.
I did check all packages that ship service files. There are about 25 packages that don't have matching service definitions in the firewalld installation. I will take care of opening bugs for them regarding the migration. An issue is that in SuSEfirewall2 we have some cases of "grouped" service definitions like courier-imap which contains all of imap, imaps, pop3 and pop3s. In firewalld there are no such groups, there are just the individual imap, imaps, pop3 and pop3s services. The question is whether we should continue having such groups or rather deal with the individual service protocols. Any opinions on this? On another matter: For SLE-15 it was decided to completely drop SuSEfirewall2 so it won't be available as a legacy package or anything. Should we take the same approach for Leap-15? When we start removing SuSEfirewall2 service files from packages then SuSEfirewall2 will stop functioning correctly on Tumbleweed and ultimately on Leap-15. There would still be the possiblity to basically support SuSEfirewall2 for a while before it is completely dropped. Regards Matthias -- Matthias Gerstner <matthias.gerstner@suse.de> Dipl.-Wirtsch.-Inf. (FH), Security Engineer https://www.suse.com/security Telefon: +49 911 740 53 290 GPG Key ID: 0x14C405C971923553 SUSE Linux GmbH GF: Felix Imendörffer, Jane Smithard, Graham Norton HRB 21284 (AG Nuernberg)