Results 1 to 7 of 7

Thread: What disables my firewall?

  1. #1
    Join Date
    Sep 2010
    Location
    Poland
    Posts
    181

    Default What disables my firewall?

    I noticed a strange thing.
    I tried to get into YaST->Firewall but I couldn't.
    I checked running services in YaST and firewalld was inactive (dead), even though it should start on boot.
    I started this service in YaST but then on other start ups of system it is the same. Firewalld is dead.

    Here is some output:
    sudo rcfirewalld status

    [sudo] password for root:
    ● firewalld.service - firewalld - dynamic firewall daemon
    Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: disabled)
    Active: inactive (dead)
    Docs: man:firewalld(1)

    sudo /sbin/rcSuSEfirewall2 status

    ● SuSEfirewall2.service - SuSEfirewall2 phase 2
    Loaded: loaded (/usr/lib/systemd/system/SuSEfirewall2.service; enabled; vendor preset: disabled)
    Active: active (exited) since Wed 2019-03-06 16:01:35 CET; 1h 6min ago
    Process: 1282 ExecStart=/usr/sbin/SuSEfirewall2 boot_setup (code=exited, status=0/SUCCESS)
    Main PID: 1282 (code=exited, status=0/SUCCESS)
    Tasks: 0 (limit: 4915)
    CGroup: /system.slice/SuSEfirewall2.service

    Mar 06 16:01:34 linux-jotu systemd[1]: Starting SuSEfirewall2 phase 2...
    Mar 06 16:01:34 linux-jotu SuSEfirewall2[1282]: Setting up rules from /etc/sysconfig/SuSEfirewall2 ...
    Mar 06 16:01:34 linux-jotu SuSEfirewall2[1282]: using default zone 'ext' for interface eth1
    Mar 06 16:01:35 linux-jotu SuSEfirewall2[1282]: Firewall rules successfully set
    Mar 06 16:01:35 linux-jotu systemd[1]: Started SuSEfirewall2 phase 2.
    How to fix it?
    Linux 4.12.14
    openSUSE Leap 15.0 - 64 bit
    KDE Plasma 5.12.15
    KDE Framework 5.44.0
    Qt - 5.9.4

  2. #2
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    10,927
    Blog Entries
    2

    Default Re: What disables my firewall?

    firewalld is not the same as SuSEFW2,

    firewalld is the default firewall configuration manager today
    SuSEFW2 is the old way which is not recommended anymore, but is likely still present for those who still must or want to use the old tool.

    When you run the YaST firewall module the first time, it's supposed to install firewall-config which is the graphical tool to manage firewalld.

    To configure a systemd service to start automatically on boot, the service has to be enabled as follows (note in your posted firewalld Unit file that the service is "disabled" by default). And, don't use "rc" commands anymore, those will still work for services that still have an init configuration, but won't for others and may disappear eventually (ie if the code is completely re-written)

    Code:
    systemctl enable firewalld.service
    HTH,
    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  3. #3
    Join Date
    Feb 2010
    Location
    Germany
    Posts
    2,478

    Question Re: What disables my firewall?

    Quote Originally Posted by GazetaCypr View Post
    I tried to get into YaST->Firewall but I couldn't.
    I checked running services in YaST and firewalld was inactive (dead), even though it should start on boot.
    Please check that, the following packages are installed:
    • firewalld
    • firewalld-lang
    • python3-firewall
    • yast2-firewall
    • firewall-config
    • firewall-macros

    Please check that, the following packages are not installed:
    • SuSEfirewall2
    • SuSEfirewall2-fail2ban

    Please check that the systemd Firewall service is properly enabled:
    Code:
     > systemctl list-unit-files | grep -i 'firewall'
    dbus-org.fedoraproject.FirewallD1.service                        enabled
    firewalld.service                                                enabled
     >
    Any systemd service which deals with the SuSEfirewall is an indication that, the SuSEfirewall packages have not been cleanly removed …

  4. #4
    Join Date
    Sep 2010
    Location
    Poland
    Posts
    181

    Default Re: What disables my firewall?

    Thanks

    @tsu2
    I did what you said
    Code:
    systemctl enable firewalld.service
    but after rebooting it is the same:
    systemctl status firewalld
    ● firewalld.service - firewalld - dynamic firewall daemon
    Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: disabled)
    Active: inactive (dead)
    Docs: man:firewalld(1)
    @dcurtisfra

    I do have all those packages.
    And here is output
    systemctl list-unit-files | grep -i 'firewall'
    dbus-org.fedoraproject.FirewallD1.service enabled
    firewalld.service enabled
    I just remember that few weeks ago I was installing a Brother printer to print over the network. Maybe it has something to do with it?
    Linux 4.12.14
    openSUSE Leap 15.0 - 64 bit
    KDE Plasma 5.12.15
    KDE Framework 5.44.0
    Qt - 5.9.4

  5. #5
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    10,927
    Blog Entries
    2

    Default Re: What disables my firewall?

    Post the results of the following
    Code:
    systemctl status firewalld.service
    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  6. #6
    Join Date
    Sep 2010
    Location
    Poland
    Posts
    181

    Default Re: What disables my firewall?

    Here it is:
    systemctl status firewalld.service
    ● firewalld.service - firewalld - dynamic firewall daemon
    Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: disabled)
    Active: active (running) since Thu 2019-03-07 07:22:01 CET; 8min ago
    Docs: man:firewalld(1)
    Main PID: 1133 (firewalld)
    Tasks: 2 (limit: 4915)
    CGroup: /system.slice/firewalld.service
    └─1133 /usr/bin/python3 -Es /usr/sbin/firewalld --nofork --nopid

    Mar 07 07:21:53 linux-jotu systemd[1]: Starting firewalld - dynamic firewall daemon...
    Mar 07 07:22:01 linux-jotu systemd[1]: Started firewalld - dynamic firewall daemon.
    I think it started working - I guess - after removing > SuSEfirewall2 <
    Linux 4.12.14
    openSUSE Leap 15.0 - 64 bit
    KDE Plasma 5.12.15
    KDE Framework 5.44.0
    Qt - 5.9.4

  7. #7
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    10,927
    Blog Entries
    2

    Default Re: What disables my firewall?

    Quote Originally Posted by GazetaCypr View Post
    Here it is:


    I think it started working - I guess - after removing > SuSEfirewall2 <
    Yes, but even if SuSEFW2 is installed on your system, as long as you don't start it up there won't be a conflict.
    Glad to see you're working now.

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •