![](https://seccdn.libravatar.org/avatar/77cb4da5f72bc176182dcc33f03a18f3.jpg?s=120&d=mm&r=g)
On 2023-05-01 08:44, Per Jessen wrote:
Carlos E. R. wrote:
After starting firewalld (with an empty config I presume), I tried the first run of susefirewall2-to-firewalld.
Hum. The starting point is with SuSEfirewall enabled and running, not firewalld.
"SuSEfirewall2 enabled and running" means a load of iptables rules loaded, that is all. There is nothing "enabled" nor "running".
"running" in a manner of speaking.
Firewalld is supposed to be running, otherwise the migration script cannot interface with it for making changes.
No. The script stops SuSEfirewall2, and starts the firewald daemon to insert the rules.
I guess you left out some bits of your config ? I'll check back tomorrow, going to go and watch telly.
No, those are "native" parts on SuSEfirewall2 system.
I have these:
cer@Telcontar:~> rpm -qa | grep -i firewall firewall-macros-0.9.3-150400.8.9.1.noarch susefirewall2-to-firewalld-0.0.4-3.9.1.noarch firewalld-lang-0.9.3-150400.8.9.1.noarch firewall-config-0.9.3-150400.8.9.1.noarch yast2-firewall-4.4.3-150400.1.8.noarch firewalld-0.9.3-150400.8.9.1.noarch SuSEfirewall2-3.6.378-1.33.noarch python3-firewall-0.9.3-150400.8.9.1.noarch cer@Telcontar:~>
I suspect you miss the macros.
If they were not automagically pulled in, that is quite likely. I was going to check, but in the meantime my connection to office24 was dropped and I cannot reconnect :-)
The script warns of that.
I did forget to include the custom script, though.
Okay.
Wait, looking again, I see you are doing the test on TW. That will not work, it needs Leap. Parts of sfw2 were removed because they were not needed, precisely the parts that do clever things like supporting NFS4 (firewalld was said it would work with nfs4).
That is gobbledegook - why would the _conversion_ not work? I don't care about the end-result. If it makes you happy, I'll try Leap instead, but I doubt if anything was "removed" from sfw2 - why would anyone make changes to a script that has been deprecated for years?
It is SuSEfirewall2 which will not run, pieces were removed. That _rpc_ thing and similars.
I'll run a diff when I get installed on my leap test system.
-- Cheers / Saludos, Carlos E. R. (from 15.4 x86_64 at Telcontar)