Bug 971843

Summary: RFE: warn when configuring of current and default zone differs
Product: [Fedora] Fedora Reporter: Tomas Dolezal <todoleza>
Component: firewalldAssignee: Thomas Woerner <twoerner>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 19CC: jpopelka, psklenar, twoerner
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: firewalld-0.3.4-1.fc19 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-08-03 20:08:48 EDT Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Tomas Dolezal 2013-06-07 07:49:44 EDT
Description of problem:
usecase: user has changed the zone on his network connection (using either CLI or applet GUI) and then he is makes changes (using `firewall-cmd`) to running configuration without specifying current zone. In result new configuration has no effect.

proposed solution:
warn user if default and running zone differs on any interface and [--zone <zone>] parameter is needed.
agreed on as follows:
* in verbose mode active zones and default zones (but be sure to prefer the least terminal-polluting with regard to other verbose information)
* in non-verbose mandatorily show _warning_ message IF default and active zone differs on any firewalld-relevant interface
* suppress if using [--quiet]

Version-Release number of selected component (if applicable):
firewalld-0.3.2-1.fc19.noarch

How reproducible:
always

Steps to Reproduce:
see in description

Expected results:
warn the user on stdout
Comment 2 Jiri Popelka 2013-06-13 09:56:51 EDT
(In reply to Tomáš Doležal from comment #0)
> * in verbose mode active zones and default zones (but be sure to prefer the
> least terminal-polluting with regard to other verbose information)

I haven't added verbose mode yet. I've seen more requests that firewall-cmd could be more verbose and I'll think more about it.

> * in non-verbose mandatorily show _warning_ message IF default and active
> zone differs on any firewalld-relevant interface

https://git.fedorahosted.org/cgit/firewalld.git/commit/?id=d8ceec59ce1b4d41a5ec46bd2c1970ec7bf4b462

> * suppress if using [--quiet]

https://git.fedorahosted.org/cgit/firewalld.git/commit/?id=88e9ffb39a53aaff8ac91fd8d67189c0e4e32ebb
Comment 3 Fedora Update System 2013-07-30 15:13:14 EDT
firewalld-0.3.4-1.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/firewalld-0.3.4-1.fc19
Comment 4 Fedora Update System 2013-08-01 23:48:16 EDT
Package firewalld-0.3.4-1.fc19:
* should fix your issue,
* was pushed to the Fedora 19 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing firewalld-0.3.4-1.fc19'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2013-14046/firewalld-0.3.4-1.fc19
then log in and leave karma (feedback).
Comment 5 Fedora Update System 2013-08-03 20:08:48 EDT
firewalld-0.3.4-1.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.