Hi
today update openSUSE after update not working firewall
show this windows
http://s000.tinyupload.com/?file_id=52298461283724212677
http://s000.tinyupload.com/?file_id=52298461283724212677
not openig firewall and freeze message “trying to connect to firewalled, waiting”
how to fix ?
See other threads about this topic:
https://forums.opensuse.org/showthread.php/529283-Cannot-Turn-Off-Firewall-In-YAST-Firewall-Section
https://forums.opensuse.org/showthread.php/529290-can-anyone-provide-a-clear-overview-of-the-move-to-firewalld
In short, Tumbleweed switched to using firewalld instead of SuSEfirewall2 by default, and the YaST module now only calls firewalld’s config tool which of course only works with firewalld.
But on your system, SuSEfirewall2 is likely still running.
Either disable it and enable firewalld (and set it up properly to your needs), or configure SuSEfirewall2 manually in /etc/sysconfig/SuSEfirewall2.
Thank you
I uninstall SuSEfirewall2, and enable firewalld,now working firewall
Do i need SuSEfirewall2?
No - not now that you have firewalld running.
No. That was just used as default firewall in openSUSE until recently, in the future it will be firewalld.
You have to decide yourself if you need a firewall at all though…
But, you may have to configure firewalld from scratch, AFAIK there is no automatic migration of the settings (although the package comes with a migration script that you can run manually, I think).
Only an issue if you heavily customized SuSEfirewall2 I suppose, and probably the reason why SuSEfirewall is currently not uninstalled automatically either.
Thank you for description
open firewall and select zone “home” , in the zone “home” not checked (http,https)
why i can access http and https with firefox
for test:
how to set block http.https or web contact in the firefox?
Because the firewall normally only blocks incoming traffic. That was the same with SuSEfirewall2.
how to set block http.https or web contact in the firefox?
No idea, never used firewalld.
Maybe you need to setup custom iptables rules for that…
But why would you want to?
Firefox is pretty useless if it cannot access http and https, isn’t it? You could just as well uninstall it…
OK, Is there a software for block internet for apps?
i want just access internet firfox and system
for example
i dont want to use internet other apps same smplay or vlc …
No idea, I have no interest in that.
It should definitely be doable via iptables, maybe there is some nice GUI application that allows to set it up too, but I don’t know any.
Or it should also be doable via AppArmor.
I’d suggest to better open a new thread with a suitable title to ask that question.
Are you suggesting to block some ip and port for safely internet ?
I mean, maybe some of the ports that are open better should be closed
No, I didn’t suggest anything.
I mean, maybe some of the ports that are open better should be closed
Again, that only applies to incoming connections.
But as long as there’s no service listening on those ports, it doesn’t matter really.