On Tue, 7 Aug 2018 18:56:53 +0200 "Carlos E. R." <robin.listas@telefonica.net> wrote:
On 2018-08-07 15:11, Dave Howorth wrote:
On Tue, 7 Aug 2018 14:45:23 +0200 (CEST) "Carlos E. R." <> wrote:
My guess is that you upgraded to Leap 15.0 from some previous version, or perhaps tumbleweed, and you are running the old firewall which has not been migrated by *you* to the new firewall.
Sorry, I'm on Leap 15.0 and it was upgraded by zypper from Leap 42.3
Looking at YaST software listings, apparently I have both SuSEfirewall2 and firewalld installed, along with firewall-config, firewall-macros, firewalld-lang, python3-firewall, xfwp & yast2-firewall.
Nothing told me to migrate a firewall. I don't want a firewall. Is it safe to just remove all these packages?
Well, it is up to you to decide to have a firewall or not. I always have one on every machine I control.
Thanks Carlos, and thanks to Darryl too. I stopped the services (YaST balked and I had to do it twice) and now I can access TV remotely as I wished. I know the arguments for having a firewall, but I've been caught too often by situations like I've just had that have wasted days of my time.
If you really do not want a firewall, just:
systemctl status firewalld.service systemctl stop firewalld.service systemctl disable firewalld.service
systemctl status SuSEfirewall2.service systemctl stop SuSEfirewall2.service systemctl disable SuSEfirewall2.service
and then remove SuSEfirewall2 packages.
You get both because you may want to migrate your settings from the previous firewall in 42.3 to the new one in 15.0. There is a tool that automates that migration, I forgot the name and it is not documented in the release notes.
Ah. Google finds it: "susefirewall2-to-firewalld"
I read the README as they suggested but am now confused. It says it is a simple script but it talks about 'start/stop/restart firewalld and SuSEfirewall2 services'. That doesn't sound simple to me. Does that mean even if I have both firewalls shut down, it is going to start them? I'd have thought a simple script would migrate a configuration by editing some configuration scripts? I'd be happy to do that, against the event that I might find some reason to use firewalld in the future. OTOH, if I just start firewalld as a new installation, I would hope there's a graphical first-time-run program to guide me through setting it up? In which case, there wouldn't be much point in preserving a configuration I already know has some problem.
If you are sure you do not want to migrate settings, then just delete SuSEfirewall2 packages, then enable and start firewalld.service, then open the needed ports.
But if I don't want a firewall, why not just delete it? PS I opened a bug about text selection from YaST https://bugzilla.opensuse.org/show_bug.cgi?id=1104069 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org