http://bugzilla.suse.com/show_bug.cgi?id=1043446
Bug ID: 1043446
Summary: AutoYaST does not open ssh port in SuSEfirewall2 on
first boot
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 42.3
Hardware: x86-64
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Installation
Assignee: yast2-maintainers@suse.de
Reporter: jmader2@gmu.edu
QA Contact: jsrain@suse.com
Found By: ---
Blocker: ---
autoinst.xml,
<firewall>
sshd avahi
true
true
</firewall>
<services-manager>
<services>
<enable config:type="list">
<service>sshd</service>
</enable>
</services>
</services-manager>
this is not the case in Leap 42.3-Build0270 on first boot, traffic to 22/tcp is
dropped.
Jun 08 13:06:21 linux kernel: SFW2-INext-DROP-DEFLT IN=em1 OUT= ... LEN=84 TC=0
HOPLIMIT=64 FLOWLBL=929175 PROTO=TCP SPT=58096 DPT=22 WINDOW=65535 RES=0x00 SYN
URGP=0 OPT (020405A0010303050101080A2553A0F0000000000402000
Note, the installation summary screen in 42.3 continues to erroneously show
that the ssh port will be blocked and ssh service will be disabled just like it
does in 42.2, but in 42.2 ssh is open and enabled on first boot after
installation.
If the service SuSEfirewall2 is stopped then started, the correct entries will
be added to the Chain input_ext (1 references)
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT udp -- anywhere anywhere udp dpt:mdns
but they are missing after first boot.
--
You are receiving this mail because:
You are on the CC list for the bug.