Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Managing SuSE Firewall

  1. #1

    Default Managing SuSE Firewall

    Greetings!

    I would like to manage the firewall from the command line or with files VIA puppet, however this peice of software seems pretty complicated compared to the other distributions and generic iptables commands / configurations we push out.

    Can anyone please advise of how to control this VIA the CLI / config file that is more straight forward?

    Many thanks!
    Austin Smith

  2. #2
    Join Date
    Jun 2008
    Location
    Groningen, Netherlands
    Posts
    14,023
    Blog Entries
    12

    Default Re: Managing SuSE Firewall

    Hi Austin, welcome here.....

    Assuming this is for a headless server, are you aware of the ability to run YAST from the command line? IMHO a much better way than editing a firewall's config files by hand.
    Login as a user, invoke
    Code:
    su -c yast
    (enter rootpassword)
    - Athlon X6 3.6 GHz, 16 GB DDR3, 30 GB SSD, 3 TB of disks, GT540, openSUSE 12.2 x86_64 + KDE 4.10 + GNOME 3
    - ASUS A73SD, Intel + GT610M Optimus, 6 GB, 120 GB SSD, openSUSE Tumbleweed

    Anything that can go wrong.... will teach us

    http://en.opensuse.org/User:Knurpht
    http://nl.opensuse.org/Gebruiker:Knurpht

  3. #3

    Default Re: Managing SuSE Firewall

    Thank you for the warm welcome!

    You are correct, they are headless servers. We do not have a GUI installed, and primarily use yast in the manner you specified. I am looking to manage the firewall w/ puppetlabs product, puppet. However, I cannot find a clear cut way to manage this from it's configuration file. The only other option I can think of is to use IPtables directly..

    Any thoughts?
    Thanks,
    Austin

  4. #4
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    21,552

    Default Re: Managing SuSE Firewall

    On 2011-04-25 21:06, austingsmith wrote:
    > Can anyone please advise of how to control this VIA the CLI / config
    > file that is more straight forward?


    _THE_ configuration file is "/etc/sysconfig/SuSEfirewall2" - that's it.
    Then you issue "SuSEfirewall2" to load the changes.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.2 x86_64 "Emerald" at Telcontar)

  5. #5
    Join Date
    Nov 2009
    Location
    ND, USA
    Posts
    1,058

    Default Re: Managing SuSE Firewall

    On Mon April 25 2011 03:06 pm, austingsmith wrote:

    >
    > Thank you for the warm welcome!
    >
    > You are correct, they are headless servers. We do not have a GUI
    > installed, and primarily use yast in the manner you specified. I am
    > looking to manage the firewall w/ puppetlabs product, puppet. However,
    > I cannot find a clear cut way to manage this from it's configuration
    > file. The only other option I can think of is to use IPtables
    > directly..
    >
    > Any thoughts?
    > Thanks,
    > Austin
    >
    >

    Austin;

    Have you tried the ncurses version of YaST suggested by Knurpht. Either of
    the following commands launch YaST from the CLI.
    Code:
    YaST
    or
    yast
    Either of these launch YaST but you need to su to root first. Note: "YAST"
    will not be recognized. You navigate from the keyboard. Tabs, Arrow Keys and
    ALT <key> sequences. It is fairly transparent how to navigate once
    launched.

    --
    P. V.
    "We're all in this together, I'm pulling for you." Red Green

  6. #6

    Default Re: Managing SuSE Firewall

    Quote Originally Posted by austingsmith View Post
    You are correct, they are headless servers. We do not have a GUI installed, and primarily use yast in the manner you specified. I am looking to manage the firewall w/ puppetlabs product, puppet. However, I cannot find a clear cut way to manage this from it's configuration file. The only other option I can think of is to use IPtables directly..
    You want to use Puppet instead of Yast, right ?
    If I understand you right, the only way is to disable the firewall in Yast and start a new configuration from scratch in Puppet (if it is able to).
    You will obviously have to tweak some config to start the firewall during init.

  7. #7
    Join Date
    Feb 2011
    Location
    127.0.0.1
    Posts
    470

    Default Re: Managing SuSE Firewall

    @ herbwahn

    Is it easier to configure it in Puppet?

  8. #8

    Default Re: Managing SuSE Firewall

    Quote Originally Posted by riderplus View Post
    @ herbwahn

    Is it easier to configure it in Puppet?
    As far as I can see, puppet is a system for configuration management (kind of + more).
    Do you want to use it to distribute the firewall configuration to several machines in your infrastructure?

  9. #9
    Join Date
    Feb 2011
    Location
    127.0.0.1
    Posts
    470

    Default Re: Managing SuSE Firewall

    No, it would be only for my laptop. If it's easy to configure the firewall, I might give it a shot. If you have used it, you know it better than me.

  10. #10

    Default Re: Managing SuSE Firewall

    Quote Originally Posted by riderplus View Post
    No, it would be only for my laptop. If it's easy to configure the firewall, I might give it a shot. If you have used it, you know it better than me.
    Sorry, I took you for the OP of this thread.

    NO, it is NOT easier to configure the firewall with Puppet. It's purpose is ... completely different.
    See: Puppet

Page 1 of 2 12 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •