Two laptops with 15.2 beta (Gnome), simply connected via cable+switch, one clean install, the other upgraded from 15.0.
By default install all remote ports are closed, so open port 22 in firewall and assign wired-eth0 to home zone in both systems; nevertheless ssh is not possible.
It turns out that the upgraded laptop is still using SuSEfirewall2:
linux-iqba:~ # systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: disabled)
Active: inactive (dead)
Docs: man:firewalld(1)
linux-iqba:~ # journalctl -b -u firewalld.service
-- Logs begin at Fri 2017-10-20 11:29:08 CEST, end at Wed 2020-04-15 12:30:48 CEST. --
-- No entries --
linux-iqba:~ # journalctl -b -u SuSEfirewall2.service
-- Logs begin at Fri 2017-10-20 11:29:08 CEST, end at Wed 2020-04-15 12:31:02 CEST. --
Apr 15 11:16:23 linux-iqba systemd[1]: Starting SuSEfirewall2 phase 2...
Apr 15 11:16:23 linux-iqba SuSEfirewall2[1610]: Setting up rules from /etc/sysconfig/SuSEfirewall2 ...
Apr 15 11:16:23 linux-iqba SuSEfirewall2[1610]: using default zone 'ext' for interface eth0
Apr 15 11:16:23 linux-iqba SuSEfirewall2[1610]: using default zone 'ext' for interface wlan0
Apr 15 11:16:26 linux-iqba SuSEfirewall2[1610]: Firewall rules successfully set
Apr 15 11:16:26 linux-iqba systemd[1]: Started SuSEfirewall2 phase 2.
linux-iqba:~ # systemctl status SuSEfirewall2.service
● SuSEfirewall2.service - SuSEfirewall2 phase 2
Loaded: loaded (/usr/lib/systemd/system/SuSEfirewall2.service; enabled; vendor preset: disabled)
Active: active (exited) since Wed 2020-04-15 11:16:26 CEST; 1h 15min ago
Process: 1610 ExecStart=/usr/sbin/SuSEfirewall2 boot_setup (code=exited, status=0/SUCCESS)
Main PID: 1610 (code=exited, status=0/SUCCESS)
Tasks: 0
CGroup: /system.slice/SuSEfirewall2.service
Apr 15 11:16:23 linux-iqba systemd[1]: Starting SuSEfirewall2 phase 2...
Apr 15 11:16:23 linux-iqba SuSEfirewall2[1610]: Setting up rules from /etc/sysconfig/SuSEfirewall2 ...
Apr 15 11:16:23 linux-iqba SuSEfirewall2[1610]: using default zone 'ext' for interface eth0
Apr 15 11:16:23 linux-iqba SuSEfirewall2[1610]: using default zone 'ext' for interface wlan0
Apr 15 11:16:26 linux-iqba SuSEfirewall2[1610]: Firewall rules successfully set
Apr 15 11:16:26 linux-iqba systemd[1]: Started SuSEfirewall2 phase 2.
linux-iqba:~ #
Manually restarting firewalld I eventually got the desired ssh connection working.
Is all that obvious (I’m sort of networking-noob) or is it worth reporting?
Upgrade from 15.0 is still mentioned in the QA-Leap testing spreadsheet, I found nothing related in the Release Notes and SDB pages are mostly outdated or misleading at best IMHO.
Is there a better reference or recommended procedure to switch to firewalld?