When I click “Firewall” in YaST in order to go inside the settings and turn on the firewall (which is actually OFF) I am getting the message:
Another Fiwall Active
Another kind of firewall is active on your system.
If you continue, SuSEfirewall2 may produce undefined errors.
It would be better to remove the other firewall before
configuring SuSEfirewall2.
Continue with configuration?
I don’t know what that “other” kind of firewall is. I haven’t installed any other firewall. When I go to YaST>Services, SuSEfirewall2 is definitely Inactive and Disabled.
If I continue with the configuration, I can turn on the firewall and it works fine.
Just a guess. Do you have any IP rules defined yourself? I can imagine that YaST checks if there are any IP rules active and when yes, then decides that it is not the only one tinkering with them.
Another guess (I do not run a firewall, nor am I used to using IP tables).
in /etc/sysconfig, there are several files/directories with SuSEfirewall2 in their names. Maybe when one or more of them is not in the same state as YaST would configure them (or in virgin state since installation), YaST may think another partner is in play.
As my example output above was created using 13.1, I started a 1.2 system here, but I get the same emtpy lists. So my guess seems to be a bit correct in that there is something.
The fact that you (as person) say that you did not touch them is not very relevant. What we have to find out if something touched them. Or least what is done to them where, so we can reverse that. Best thing would be to heck againt the originals, but as you don’t have them, maybe looking at change dates brings something. The word “terabase” in your listing looks the most unique there. Searching for it in those files might help.
All guessing and things that I probably would do,
As said, I am not a real ip tables/firewall guru, the above was only geussing. I hope a more knowing person will join us.
One thing you could try is to “continue” with the YaST module and see what happens. Look around in the screens there, As long as you do not confirm things, nothing will happen.
The above is only a list of defined ports. The fact that it is in the list is no problem. The question is if it is somewhere in the firewall files. Or the number 4000 instead.
I googled terabase and there is something about Remore-Anything. I have no idea what it is, but it does not sound as if I would need it.
You could check if you have a port listening on 4000, as root
> The above is only a list of defined ports. The fact that it is in the
> list is no problem. The question is if it is somewhere in the firewall
> files. Or the number 4000 instead.
>
I don’t know about terabase, but port 4000 I have the feeling I used
either for a VoIp application or for p2p (emule?).
Tested on my other machine (also openSUSE 13.2) - absolutely the same behavior and again ‘iptables -L’ gives the exact same output!
I haven’t installed emule or any particular Voip software.
Just to note - this doesn’t actually cause any problem if I click “Continue” and then turn on the firewall. But it kind of bothers me to see open ports by default like that.
> Just to note - this doesn’t actually cause any problem if I click
> “Continue” and then turn on the firewall. But it kind of bothers me to
> see open ports by default like that.
Well, I always install with the firewall up during the installation,
IIRC. I haven’t had to activate it later, so I wouldn’t see your situation.