https://bugzilla.novell.com/show_bug.cgi?id=468426
User locilka@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=468426#c1
Lukas Ocilka changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEEDINFO |NEW
CC| |locilka@novell.com
Info Provider|locilka@novell.com |
--- Comment #1 from Lukas Ocilka 2009-01-22 08:01:32 MST ---
SuSEfirewall newly uses services defined by packages. These services are
defined by separate files in /etc/sysconfig/SuSEfirewall2.d/services directory.
These services are different to the previous firewall settings because they add
one another level of transparency. You don't check the ports anymore, you just
check the availability of a service in configuration (of allowed services).
See "FW_CONFIGURATIONS_EXT":"cups dhcp-server sshd",
Your printer configuration checks the low level settings, what you need is the
higher level of checking, for instance:
* IsServiceSupportedInZone
IsServiceSupportedInZone ("service:irc-server", "EXT") -> true
* GetServicesInZones
GetServicesInZones (["samba-server"])
-> $["samba-server":$["eth1":false]]
See http://forgeftp.novell.com/yast/doc/SL11.1/modules/SuSEFirewall.html for
more information.
You are currently using this:
SuSEFirewall::HaveService( "631", "UDP", "INT" )
SuSEFirewall::HaveService( "631", "TCP", "EXT" )
By the way, Miso uses an agent for tuning the configuration defined by service
(that sysconfig file in /etc/sysconfig/SuSEfirewall2.d/services directory) for
apache configuration. You can use the same approach for fine-tuning of the
printer configuration.
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.