Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

After they got rid of capital punishment, they had to hang twice as many people as before.


aus+uk / uk.comp.os.linux / Re: odd firewall behaviour

SubjectAuthor
* odd firewall behaviourAndy Burns
`* Re: odd firewall behaviourAndy Burns
 `* Re: odd firewall behaviour#Paul
  `- Re: odd firewall behaviourAndy Burns

1
odd firewall behaviour

<jn4d73F37tsU1@mid.individual.net>

 copy mid

https://www.novabbs.com/aus+uk/article-flat.php?id=718&group=uk.comp.os.linux#718

 copy link   Newsgroups: uk.comp.os.linux
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!lilly.ping.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: use...@andyburns.uk (Andy Burns)
Newsgroups: uk.comp.os.linux
Subject: odd firewall behaviour
Date: Mon, 29 Aug 2022 19:01:07 +0100
Lines: 16
Message-ID: <jn4d73F37tsU1@mid.individual.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: individual.net xU8ENmRV7PGQWmcsbHSpbQD51j7on4mlKN9xlnmxvq1Tgx5lbq
Cancel-Lock: sha1:0amxewTYN8h7hT1Vz7GhBeqSPxk=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101
Thunderbird/102.2.0
Content-Language: en-GB
 by: Andy Burns - Mon, 29 Aug 2022 18:01 UTC

I use Fedora, currently F36 but the installation has rolled-over numerous versions.

fedora uses firewalld and I configure it using firewall-config GUI

I've got my interfaces, zones, ports etc configured as I want, and runtime
settings saved to permanent settings, it all works as I want provided I'm logged
in on the console.

However at any time I'm not logged in on the graphical console, the firewall
goes into "block everything" mode, this is rather annoying after a reboot.

I can't see any sign of other users having a similar issue, it didn't used to be
like this until three or four releases ago, the firewall would start-up as
expected with allowed ports working after a reboot.

Any suggestions why?

Re: odd firewall behaviour

<jn4g79F3mrsU1@mid.individual.net>

 copy mid

https://www.novabbs.com/aus+uk/article-flat.php?id=719&group=uk.comp.os.linux#719

 copy link   Newsgroups: uk.comp.os.linux
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!lilly.ping.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: use...@andyburns.uk (Andy Burns)
Newsgroups: uk.comp.os.linux
Subject: Re: odd firewall behaviour
Date: Mon, 29 Aug 2022 19:52:25 +0100
Lines: 14
Message-ID: <jn4g79F3mrsU1@mid.individual.net>
References: <jn4d73F37tsU1@mid.individual.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: individual.net 07YgRh7rkgnRJBy7T6R35A67QMktOuzyIqQD4VB+zr9VkKyHW2
Cancel-Lock: sha1:/6p9Fu8c0RMAxvehdJ2z+ZNveBM=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101
Thunderbird/102.2.0
Content-Language: en-GB
In-Reply-To: <jn4d73F37tsU1@mid.individual.net>
 by: Andy Burns - Mon, 29 Aug 2022 18:52 UTC

Andy Burns wrote:

> it all works as I want provided I'm logged in on the console.

Actually it all works, as log as I'm either logged in on the console, or via
ssh, but as soon as all logins are closed it goes into "blocking" mode.

So after reboot, I can login on console, that enables me to login via ssh, if I
logout the console the ssh connection continues, and e.g pings to the machine
continue to work, as soon as I close the ssh session, the pings stop, and I
can't re-connect over ssh until I re-login on the console ...

Re: odd firewall behaviour

<71tcuixie7.ln2@threeformcow.myzen.co.uk>

 copy mid

https://www.novabbs.com/aus+uk/article-flat.php?id=722&group=uk.comp.os.linux#722

 copy link   Newsgroups: uk.comp.os.linux
Path: i2pn2.org!i2pn.org!aioe.org!3GRggUvGWc6WgWU3JZzeYg.user.46.165.242.75.POSTED!not-for-mail
From: news20k....@threeformcow.myzen.co.uk (#Paul)
Newsgroups: uk.comp.os.linux
Subject: Re: odd firewall behaviour
Date: Sat, 03 Sep 2022 22:20:07 +0100
Organization: Aioe.org NNTP Server
Message-ID: <71tcuixie7.ln2@threeformcow.myzen.co.uk>
References: <jn4d73F37tsU1@mid.individual.net> <jn4g79F3mrsU1@mid.individual.net>
Injection-Info: gioia.aioe.org; logging-data="43765"; posting-host="3GRggUvGWc6WgWU3JZzeYg.user.gioia.aioe.org"; mail-complaints-to="abuse@aioe.org";
User-Agent: tin/2.6.1-20211226 ("Convalmore") (Linux/5.15.27 (x86_64))
X-Notice: Filtered by postfilter v. 0.9.2
 by: #Paul - Sat, 3 Sep 2022 21:20 UTC

Andy Burns <usenet@andyburns.uk> wrote:
> Actually it all works, as log as I'm either logged in on the console, or via
> ssh, but as soon as all logins are closed it goes into "blocking" mode.

Arguably that might be sensible behaviour for an end-user computer that
isn't being expected to run any persistent services; i.e. unless a user
is present, make sure the computer is safe. Is there perhaps some kind
of setting or config option to change into "server" mode or similar?

#Paul

Re: odd firewall behaviour

<jnlrl6Fq1b2U1@mid.individual.net>

 copy mid

https://www.novabbs.com/aus+uk/article-flat.php?id=723&group=uk.comp.os.linux#723

 copy link   Newsgroups: uk.comp.os.linux
Path: i2pn2.org!i2pn.org!aioe.org!news.uzoreto.com!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: use...@andyburns.uk (Andy Burns)
Newsgroups: uk.comp.os.linux
Subject: Re: odd firewall behaviour
Date: Mon, 5 Sep 2022 09:51:49 +0100
Lines: 19
Message-ID: <jnlrl6Fq1b2U1@mid.individual.net>
References: <jn4d73F37tsU1@mid.individual.net>
<jn4g79F3mrsU1@mid.individual.net> <71tcuixie7.ln2@threeformcow.myzen.co.uk>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: individual.net CcO5apqdngprnzzDFANutgTYCiHHiaqqlEVYnvIMVKurlIucqR
Cancel-Lock: sha1:poDTUvrBgJLfMHvTM6frXkbcbHo=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101
Thunderbird/102.2.1
Content-Language: en-GB
In-Reply-To: <71tcuixie7.ln2@threeformcow.myzen.co.uk>
 by: Andy Burns - Mon, 5 Sep 2022 08:51 UTC

#Paul wrote:

> Andy Burns wrote:
>
>> Actually it all works, as log as I'm either logged in on the console, or via
>> ssh, but as soon as all logins are closed it goes into "blocking" mode.
>
> Arguably that might be sensible behaviour for an end-user computer that
> isn't being expected to run any persistent services; i.e. unless a user
> is present, make sure the computer is safe.

Well, I had wondered that, since I am running Fedora "Workstation" Edition, but
can't find any documentation to that effect, systemd doesn't seem to be
starting/stopping firewalld.service at each login/logout event

> Is there perhaps some kind
> of setting or config option to change into "server" mode or similar?

not found one ...

1
server_pubkey.txt

rocksolid light 0.9.7
clearnet tor