Hi!
I mean whether all ports specified in the SuSEfirewall2 configs are correctly reflected in firewalld configs
I can check the missing ones. And if they're needed anymore at all.
I did check all packages that ship service files. There are about 25
packages that don't have matching service definitions in the firewalld
installation. I will take care of opening bugs for them regarding the
migration.
An issue is that in SuSEfirewall2 we have some cases of "grouped"
service definitions like courier-imap which contains all of imap, imaps,
pop3 and pop3s. In firewalld there are no such groups, there are just
the individual imap, imaps, pop3 and pop3s services. The question is
whether we should continue having such groups or rather deal with the
individual service protocols. Any opinions on this?
On another matter: For SLE-15 it was decided to completely drop
SuSEfirewall2 so it won't be available as a legacy package or anything.
Should we take the same approach for Leap-15?
When we start removing SuSEfirewall2 service files from packages then
SuSEfirewall2 will stop functioning correctly on Tumbleweed and
ultimately on Leap-15. There would still be the possiblity to basically
support SuSEfirewall2 for a while before it is completely dropped.
Regards
Matthias
--
Matthias Gerstner