Bug 914859

Summary: Additional Service XML Files
Product: [Fedora] Fedora Reporter: Dean Hunter <deanhunter>
Component: firewalldAssignee: Thomas Woerner <twoerner>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 18CC: ayoung, dag.odenhall, jpopelka, twoerner
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: firewalld-0.3.2-1.fc19 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-05-22 03:08:03 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Dean Hunter 2013-02-23 01:21:02 UTC 
Please consider adding XML service files. Here are some of the minimal files I have had to create for services that I use.

xrdp

cat >/etc/firewalld/services/ms-wbt-service.xml <<EOD
<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>ms-wbt-service</short>
  <description>Microsoft Windows-based Terminal Server</description>
  <port protocol="tcp" port="3389"/>
</service>
EOD


freeipa-server

cat >/etc/firewalld/services/kerberos.xml <<EOD
<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>kerberos</short>
  <description>Kerberos</description>
  <port protocol="tcp" port="88"/>
  <port protocol="udp" port="88"/>
</service>
EOD

cat >/etc/firewalld/services/kpasswd.xml <<EOD
<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>kpasswd</short>
  <description>kpasswd</description>
  <port protocol="tcp" port="464"/>
  <port protocol="udp" port="464"/>
</service>
EOD

cat >/etc/firewalld/services/ldap.xml <<EOD
<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>ldap</short>
  <description>Lightweight Directory Access Protocol</description>
  <port protocol="tcp" port="389"/>
</service>
EOD

cat >/etc/firewalld/services/ldaps.xml <<EOD
<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>ldaps</short>
  <description>Lightweight Directory Access Protocol over SSL</description>
  <port protocol="tcp" port="636"/>
</service>
EOD


mysql

cat >/etc/firewalld/services/mysql.xml <<EOD
<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>mysql</short>
  <description>MySQL Database Server</description>
  <port protocol="tcp" port="3306"/>
</service>
EOD
Comment 1 Dag Odenhall 2013-04-22 09:22:20 UTC 
# cat services/transmission.xml
<?xml version="1.0" encoding="utf-8"?>
<service>
  <port protocol="tcp" port="51413"/>
  <port protocol="udp" port="51413"/>
</service>

I'm not sure if both UDP and TCP are necessary though, but this is the default port in Transmission.
Comment 2 Jiri Popelka 2013-04-26 13:55:03 UTC 
Pushed upstream, thanks
https://git.fedorahosted.org/cgit/firewalld.git/commit/?id=8d8114d974a050c4ce7568c20b19662ae3cac90a
Comment 3 Dean Hunter 2013-04-26 18:30:29 UTC 
Here are a couple more that I recently discovered are necessary to successfully run NFS server:

  cat >/etc/firewalld/services/mountd.xml <<EOD
<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>mountd</short>
  <description>Mount Lock Daemon</description>
  <port protocol="tcp" port="20048"/>
  <port protocol="udp" port="20048"/>
</service>
EOD

  cat >/etc/firewalld/services/rpc-bind.xml <<EOD
<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>rpc-bind</short>
  <description>Remote Procedure Call Bind</description>
  <port protocol="tcp" port="111"/>
  <port protocol="udp" port="111"/>
</service>
EOD
Comment 4 Jiri Popelka 2013-04-29 12:19:27 UTC 
https://git.fedorahosted.org/cgit/firewalld.git/commit/?id=2a0ff5299093e28b3adb3006fb8bffd705091394
Comment 5 Fedora Update System 2013-04-30 16:40:19 UTC 
firewalld-0.3.2-1.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/firewalld-0.3.2-1.fc19
Comment 6 Fedora Update System 2013-04-30 19:58:52 UTC 
Package firewalld-0.3.2-1.fc19:
* should fix your issue,
* was pushed to the Fedora 19 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing firewalld-0.3.2-1.fc19'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2013-7044/firewalld-0.3.2-1.fc19
then log in and leave karma (feedback).
Comment 7 Dean Hunter 2013-05-10 18:34:02 UTC 
Verified update and left karma.
Comment 8 Fedora Update System 2013-05-22 03:08:03 UTC 
firewalld-0.3.2-1.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.