https://bugzilla.novell.com/show_bug.cgi?id=296997 Summary: /sbin/SuSEfirewall2 incorrectly parses FW_TRUSTED_NETS in /etc/sysconfig/SuSEfirewall2: protocol is supposed to be optional, but /sbin/SuSEfirewall2 requires it. Product: SUSE LINUX 10.0 Version: Final Platform: All OS/Version: SuSE Pro 9.3 Status: NEW Severity: Normal Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: baker@usgs.gov QAContact: qa@suse.de Found By: Customer NOTE: I have SuSE Linux Professional 9.3. I do not know if this bug exists in later versions of SuSE Linux. I cannot find anything when I search using FW_TRUSTED_NETS as the search term, so I assume later versions still use SuSEfirewall2 and it has not been fixed. I received the following e-mail this morning for the bug report I submitted yesterday: Please submitt the following information to BUGZILLA https://bugzilla.novell.com/index.cgi
08/01/07 1:34 PM >>> _11-Your_Name: Larry Baker _12-Email: baker@usgs.gov _13-Number: 650-329-5608 _14-Company_Name: US Geological Survey _15-Company_Address: 345 Middlefield Road MS977 _20-Product: SuSE Linux Professional 9.3 (Retail) _21-Defect: /sbin/SuSEfirewall2 incorrectly parses FW_TRUSTED_NETS in /etc/ sysconfig/SuSEfirewall2: protocol is supposed to be optional, but / sbin/SuSEfirewall2 requires it. _22-Other_Product: None. _23-Steps: FW_TRUSTED_NETS="130.118.43.0/24 130.118.44.0/22 130.118.215.0/24 137.177.4.0/24 130.11.5.0/24"
An error message is printed when the firewall starts that says FW_TRUSTED_NETS must have a protocol specified. _24-Other_Scenarios: Didn't try others _25-Environment_Description: Simple NFS file server (no logins) with linux-decnet package added. _26-Reported: Production_and_Testing _27-Testing_Environment: No _28-Fix: Fix the parser in /sbin/SuSEfirewall2 to permit FW_TRUSTED_NETS without a protocol[,port]: change line 1255 from elif check_proto_port "$proto" "$port" "" 'FW_TRUSTED_NETS'; then to elif [ -z "$proto" -a -z "$port" ] || \ check_proto_port "$proto" "$port" "" 'FW_TRUSTED_NETS'; then _22-Additional: Works exactly as intended with the fix. _29-Patch: 2.6.11.4-21.17-default -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.