Results 1 to 7 of 7

Thread: Custom SuSEfirewall services

  1. #1
    Join Date
    Jul 2008
    Location
    Athens
    Posts
    280

    Default Custom SuSEfirewall services

    Hello,
    I would like to configure a custom service in SuSEfirewall because I don't want to open ports. According to the documentation inside the configuration file, I just need to create a file in the /usr/share/SuSEfirewall2/services directory.
    But, this directory doesn't exists.
    And, I haven't found any relevant documentation in the /usr/share/doc about it.

    Any help would be appreciated.

  2. #2
    Join Date
    Mar 2008
    Location
    Oz
    Posts
    11,731
    Blog Entries
    2

    Default Re: Custom SuSEfirewall services

    Have a look in /etc/sysconfig/SuSEfirewall2.d/services

    The fields in there define some options for services. You might be able to make one based on looking at the templates already there.
    Leap 42.3 & 15.1 &KDE
    FYIs from the days of yore

  3. #3
    Join Date
    Mar 2008
    Location
    Oz
    Posts
    11,731
    Blog Entries
    2

    Default Re: Custom SuSEfirewall services

    If you want to see all the options you can have a deeper look into the options in the configuration file located at /etc/sysconfig/SuSEfirewall2. If you don't want to break SuSEfirewall2 while looking into it you can make and study a copy onto your Desktop with this command, written as yourself (not as root):
    Code:
    cat /etc/sysconfig/SuSEfirewall2 > ~/Desktop/SuSEfirewall2
    Leap 42.3 & 15.1 &KDE
    FYIs from the days of yore

  4. #4
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    13,295
    Blog Entries
    2

    Default Re: Custom SuSEfirewall services

    Quote Originally Posted by tpe View Post
    Hello,
    I would like to configure a custom service in SuSEfirewall because I don't want to open ports. According to the documentation inside the configuration file, I just need to create a file in the /usr/share/SuSEfirewall2/services directory.
    But, this directory doesn't exists.
    And, I haven't found any relevant documentation in the /usr/share/doc about it.

    Any help would be appreciated.
    What do you mean that you want to "configure a custom service in SuSEfirewall because... don't want to open ports" ?
    What guide or reference are you following (pls provide link if available)?
    When you say "inside the configuration file," which file is that?
    Do you merely want to create a blocking rule?
    Is there some reason you don't want to configure this using YaST?

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  5. #5
    Join Date
    Jul 2008
    Location
    Athens
    Posts
    280

    Default Απ: Re: Custom SuSEfirewall services

    Quote Originally Posted by tsu2 View Post
    Is there some reason you don't want to configure this using YaST?
    Basically, I would like to use "services" and not ports. For example, I have some high ports open in my firewall in order to test some websites in my home server. Using the ports is not very helpful, I forget which port belongs to which website etc. Having those ports as custom services (eg test-site1, test-site1-tls etc), is much more helpful.

    Quote Originally Posted by tsu2 View Post
    What do you mean that you want to "configure a custom service in SuSEfirewall because... don't want to open ports" ?
    I mean... nothing! Because what I meant is completely different: I don't want to open the relevant ports via yast, or /etc/sysconfig/SuSEfirewall. The reason is explained above.

    I read those:
    https://en.opensuse.org/SuSEfirewall2
    https://www.suse.com/documentation/s...fire_suse.html

  6. #6
    Join Date
    Jul 2008
    Location
    Athens
    Posts
    280

    Default Απ: Re: Custom SuSEfirewall services

    Quote Originally Posted by swerdna View Post
    Have a look in /etc/sysconfig/SuSEfirewall2.d/services

    The fields in there define some options for services. You might be able to make one based on looking at the templates already there.
    Many thanks! That's what I was looking for!

  7. #7
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    13,295
    Blog Entries
    2

    Default Re: Απ: Re: Custom SuSEfirewall services

    Quote Originally Posted by tpe View Post
    Basically, I would like to use "services" and not ports. For example, I have some high ports open in my firewall in order to test some websites in my home server. Using the ports is not very helpful, I forget which port belongs to which website etc. Having those ports as custom services (eg test-site1, test-site1-tls etc), is much more helpful.



    I mean... nothing! Because what I meant is completely different: I don't want to open the relevant ports via yast, or /etc/sysconfig/SuSEfirewall. The reason is explained above.

    I read those:
    https://en.opensuse.org/SuSEfirewall2
    https://www.suse.com/documentation/s...fire_suse.html
    YaST (and now you also have the option to use firewalld which is now default in Tumbleweed) supports rules that reference pre-defined and custom defined applications/services.

    At some level, I don't know that functionality can avoid defining ports and now traffic is handled to/from or through ports.

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •