Ta deano. Yes i know that wiki; have read it many times over the months looking for some hint explaining this problem. Well, now, your mentioning
know if the firewall configuration is correct/complete here
triggered me to spend the past hour fiddling with the TW FW settings on both pc’s, & right now i have managed to get KDE Connect to fully work bidirectionally at last… BUT… i am slightly anxious that i might now have stupid FW settings that have exposed one, other or both PC’s ports unwisely to the world. My results also seem to be unintuitive & self-contradictory, IMO.
On both PC’s, irrespective of any FW settings i changed [incredibly [i]including even with the FW purportedly off] the Gibson Shields Up site gave this same result:
https://s17.postimg.org/erj5yxxfz/20171119_004.png
https://postimg.org/image/n8ioa4x2j/
I cannot comprehend this repeatability independent of my FW settings, leading me to suspect:
- Shields Up is not to be believed, or
- My interpretation of Shields Up is wrong, or
- The TW FW is not actually really changing its settings when i tell it to, including when i use the option "Save Settings & Restart Firewall Now
", or 1. I am supposed to reboot my PC’s after editing the FW settings, despite the FW GUI implying that the changes take effect immediately
.
Initially [with KDE Connect being only uni-directional per my earlier post], both PC’s FWs were at default settings, except as mentioned that i had allowed the KDE Connect Service ports [per that wiki]. Said default settings means that each PC’s network interface was NOT assigned to ANY zone [a situation that had puzzled me ever since i began using TW].
So today i then made this the new setting on Lappy:
https://s17.postimg.org/589h60ztb/20171119_005.png
To my amazement Tower’s KDEC then could successfully send files.
I thought i should then make the same setting on Tower, but KDE Connect remained uni-directional. So then i did the opposite zone allocation:
https://s17.postimg.org/q3vrh7j4v/20171119_003.png
…after which KDEC became nicely bidirectional.
Does this make any sense? Are those respective FW settings “good” or dangerous, pls?
POSTSCRIPT: I began preparing this post several hours ago [on Tower, but with Lappy next to me]. Partway through the writing, whilst back in Lappy’s YaST FW settings, Lappy suddenly became severely laggy to all inputs, & cpu went to 99%. Whilst i could not get to see what was eating the cpu, i know that it was not the btrfs maintenance [balancing] cron job, as that runs on Tuesday nights & it’s my Sunday afternoon now]. Eventually with no improvement i had to Ctrl-Alt-Backspace to kill the session, but that did not help as once logged in again it was still overloaded. I tried to reboot but it was ignored. I REISUB’d, & thereafter discovered the extent of the apparent disaster. I can boot, “apparently” unlock my encrypted /home at the screen for that as usual, but then cannot actually login to my Plasma or IceWM desktop anymore, as me or my other user. I tried multiple Snapper Rollbacks, but all gave no change to the preceding symptoms. I rebooted from Live media then ran
sudo btrfs check --repair /dev/sda3
as previously worked for me in Tower [https://forums.opensuse.org/showthread.php/527390-BtrFS-has-gone-ReadOnly-again?p=2840121#post2840121], but all the preceding symptoms [boot, “decrypt & mount”, login just bounces back to login screen] continued. I shall soon make a dedicated thread for this, but wow, never did i suspect that making KDE Connect bidirectional result in “destroying” my Lappy TW <<sarcasm>>