[opensuse] Yast network config and no firewall
In the systems we set up for data collection, we disable the firewall and do not install the firewall software. They are in vehicle on the road with no connection to the outside world. So we have no use for this feature. In Yast, when configuring a NIC, one always gets a dialog telling that the firewall software is not installed. One can click past it. But, if the firewall is disabled and the software not installed, is this dialog really necessary? I admit it is not a big thing. We don't configure the NICs very often. But it seems odd to single out that one feature and keep nagging about it. (There. I have passed on our users' complaint...) -- Roger Oberholtzer -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Roger Oberholtzer wrote:
In the systems we set up for data collection, we disable the firewall and do not install the firewall software. They are in vehicle on the road with no connection to the outside world. So we have no use for this feature.
Exactly what we do for our office systems.
In Yast, when configuring a NIC, one always gets a dialog telling that the firewall software is not installed. One can click past it. But, if the firewall is disabled and the software not installed, is this dialog really necessary? I admit it is not a big thing. We don't configure the NICs very often. But it seems odd to single out that one feature and keep nagging about it.
https://bugzilla.opensuse.org/show_bug.cgi?id=898865 -- Per Jessen, Zürich (2.8°C) http://www.dns24.ch/ - free dynamic DNS, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Thu, Feb 01, Roger Oberholtzer wrote:
In the systems we set up for data collection, we disable the firewall and do not install the firewall software. They are in vehicle on the road with no connection to the outside world. So we have no use for this feature.
In Yast, when configuring a NIC, one always gets a dialog telling that the firewall software is not installed. One can click past it. But, if the firewall is disabled and the software not installed, is this dialog really necessary? I admit it is not a big thing. We don't configure the NICs very often. But it seems odd to single out that one feature and keep nagging about it.
I've always gone the route at OS install of "disable" SuSE firewall, but without the sledgehammer of not installing the thing. Thus I don't get the dialogs of which you speak, and as far as I'm concerned, the thing isn't there. (I run my own handrolled iptables scripts). HTH. Michael -- Michael Fischer michael@visv.net -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Thu, Feb 1, 2018 at 10:59 PM, Michael Fischer <michael@visv.net> wrote:
I've always gone the route at OS install of "disable" SuSE firewall, but without the sledgehammer of not installing the thing. Thus I don't get the dialogs of which you speak, and as far as I'm concerned, the thing isn't there. (I run my own handrolled iptables scripts).
These openSUSE installs were built by us with kiwi. We don't ask that the firewall stuff be installed. So it's not a matter of removing it. It's never there. It would be odd to add software we will not use just to get rid of a message that the software we have chosen not it install is, in fact, not really there. It's an example of a distribution setting policy. Which I'm not sure it should so. I think it is rather misleading that this check be done. I'm sure there are other security things that we do not install, and there is no complaint. Why single out firewall? Perhaps a better Yast module would be one that checks system security in a more general and complete fashion. Just like many applications that check if all their dependent parts are present. Like "inxi --recommends". No matter. Everything works as it is. -- Roger Oberholtzer -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (3)
-
Michael Fischer -
Per Jessen -
Roger Oberholtzer