Bug 1290 - Drakfirewall not see correct state of shorewall service
: Drakfirewall not see correct state of shorewall service
Status: RESOLVED FIXED
Product: Desktop Bugs
Classification: ROSA Desktop
Component: Main Packages
: Fresh
: All Linux
: Normal normal
: ---
Assigned To: ROSA Linux Bugs
: ROSA Linux Bugs
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2012-12-21 18:39 MSK by Aleksandr Kazantcev
Modified: 2012-12-26 15:05 MSK (History)
2 users (show)

See Also:
RPM Package: drakx-net
ISO-related:
Bad POT generating:
Upstream:
vladimir.potapov: qa_verified+
alex.burmashev: published+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Aleksandr Kazantcev 2012-12-21 18:39:34 MSK
If you run drakfirewall, it's say that firewall disabled, but shorewall may be anabled and rules was been impliment.
Comment 1 Aleksandr Kazantcev 2012-12-21 18:42:24 MSK
https://abf.rosalinux.ru/build_lists/857899
https://abf.rosalinux.ru/build_lists/857900

Advisory: Drakfirewall has error, that always say for shorewall disabling. This update fix check shorewall state after systemd migrations. Also we fix nfs servise using and drop Interactive Firewall via we not more using net-applet and net-center
Comment 2 Vladimir Potapov 2012-12-26 11:25:07 MSK
The shorewall state not restored after reboot (and after 2-3 settings by drakfirewall).
Comment 3 Aleksandr Kazantcev 2012-12-26 12:06:19 MSK
Why you think is not restored?

First - set up Disable all and see

 iptables -L

it will be clear (not rules)

Then setup options in drakfirewall and see

 iptables -L

rules will be applyed

Then  reboot and check again

 ipatables -L

rules will be similar - shorewall is working...


For full disable shorewall you need uncheck ALL service and check Disable all..
Comment 4 Vladimir Potapov 2012-12-26 13:53:20 MSK
Old problem - iptables not started by default (and any operations in drakfirewall can't change this status). 
This bug present in  marathon too.
Comment 5 Aleksandr Kazantcev 2012-12-26 13:59:47 MSK
We fix iptables... You need has updated system for test this...

What version you use? You need iptables-1.4.15-4

What output for

systemctl | grep failed

and

systemctl status iptables

?
Comment 6 Vladimir Potapov 2012-12-26 14:26:32 MSK
Not errors - service not started (default settings after install).
If I set exec flag in drakxservices, iptables start fine and drakfirewall work correct.
Comment 7 Aleksandr Kazantcev 2012-12-26 14:31:00 MSK
Afrer fresh install iptables was not start - it's broken.

Need update and (as you describe) restart service - we don't possible start it with package...

And i'm think drakfirewall update need be push in repo - it's fix error for user's that has started iptables and start in manually...
Comment 8 Vladimir Potapov 2012-12-26 14:51:17 MSK
drakx-net-1.0-1-rosa2012.1
****************** Advisory ***************
drakfirewall has error, that always say for shorewall disabling. This update fix check shorewall state after systemd migrations. Also we fix nfs servise using and drop Interactive Firewall via we not more using net-applet and net-center
********************************************
QA Verified