[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: gripe/question: /etc/sysconfig/system-config-firewall???



Douglas McClendon wrote:
Anybody care to explain to me the logic of the file

/etc/sysconfig/system-config-firewall

which makes my kickstart and/or lokkit invocations not be respected?

I.e. port 22 remains open even if I do

lokkit --enabled

(or just firewall --enabled in kickstart)

It seems like if anything lokkit should be writing this file, not reading one installed by an rpm. But maybe I just need a clue. ???

Bahh, I still need a clue, but I'm suspecting now that something did write to that file and it doesn't have 22 in it as installed. But having seen but not read the thread here about packages opening up ports in the firewall rules, I did do rpm -q --scripts openssh-server and didn't see IT doing anything that would write to that file. clue please...???

Basic issue: I do a kickstart install with

firewall --enabled

NOT

firewall --enabled --port=22:tcp

and I still see port 22 open, and the only clue I've found is that if I delete the contents of /etc/sysconfig/system-config-firewall, then I can actually get 22 closed via 'lokkit --enabled' which seems to be the appropriate way. (though it seems like it should work without having to muck with the sysconfig file)

-dmc


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]