On 2024-07-14 19:25, Carlos E. R. wrote:
On 2024-07-15 02:52, Darryl Gregorash wrote:
On 2024-07-14 17:07, David C. Rankin wrote:
All,
I rarely mess with the firewall in Yast, so this may be expected behavior. I made changes to allow remote LAN connections to a postgresql database. The connections failed claiming port 5432 wasn't open on my laptop.
I used Yast firewall to put the wireless connection on "home", set it as default and added postgresql to the allowed services and clicked "Accept". The remote connections continued to fail, so I used netstat to check whether the port was open with:
$ sudo netstat -tulpn | grep LISTEN
Neither postgresql or port 5432 was shown. This seemed bizarre. So I manually restarted firewalld (e.g. sudo systemctl restart firewalld) and bingo, the port was open.
Isn't Yast-Firewall supposed to restart firewalld after changes are made?
I wasn't aware that Yast-Firewall had anything to do with firewalld.
YaST firewall is supposed to handle whatever firewall openSUSE runs, either firewald or SuSEfirewall2. As the later is gone, it means YaST firewall module has to handle firewalld, or be removed from the distribution.
Thus, it is a bug in YaST.
Take a good look at firewalld. Yast-Firewall doesn't know about sets of things to which a rule applies, so it doesn't even adequately configure firewalld.