I did a fresh install of Tumbleweed a couple of days ago. Previously, in YAST in the Firewall section, there was an option to merely turn the firewall off. In this new install, I cannot find that option. The firewall is blocking my network printer, scanner and other services, which is truly annoying. I have no idea how to go through and enable all the services necessary to get everything to work with the firewall and wish to just turn it off. Could someone help me figure out how to disable the firewall completely?
I would not be opposed to that, but I won’t do it myself as I don’t use Tumbleweed and never used firewalld either…
When I started the new Firewalld module after the snapshot update, it didn’t automatically start / enable firewalld so the module was just spinning waiting to connect.
Also, the upgrade left the Susefirewall2 active / enabled so perhaps a note about disabling that would be good as well.
Somebody should probably file a bug report about that.
But I suppose the “migration” is just still work in progress… Or SuSEfirewall2 is left installed/running on purpose to not disrupt people’s systems/firewalls when updating.
And probably firewalld is started fine on a fresh installation, and SuSEfirewall2 not installed at all. Haven’t tried that yet though.
I will go ahead and add the information as well as file a bug report. You are probably correct that it was left in place as to not disrupt people’s systems when upgrading. I had to set the rules as nothing carried over. No problem though. I know what I’ve gotten into with Tumbleweed.
Just wondering if anyone knows whether there is any current effort to modify YaST to support firewalld.
Assuming at the moment that the time and effort to do this should be next to trivial.
Although I don’t have the time at the moment (have to finish current projects), I assume the current YaST Firewall module must be on github (or OBS)… So assuming current code is “well written” it shouldn’t be difficult to insert the necessary code to detect a TW install and issue firewalld directives (At the moment I assume you can’t simply test for existence of firewalld since it seems that both SuSEfirewall2 and firewalld are both installed although only one is enabled).
In any case, installed a new TW before posting and I see that YaST installs the firewalld GUI configurator “firewall-config” and now forwards the YasT firewall module link to firewall-config instead. Should be sufficient until someone might want to go back to SuSEfirewall2… I assume that all that would be required should be to remove the re-direction however it’s done…
It currently just runs firewall-config (which is a tool shipped with firewalld, uses GTK I think), but that doesn’t work in text mode.
As mentioned, you can also use firewall-cmd to configure it though.