Bug 106340 - Selecting "no firewall" in install is ignored, very restrictive firewall installed
Selecting "no firewall" in install is ignored, very restrictive firewall inst...
Status: CLOSED DUPLICATE of bug 105048
Product: Fedora
Classification: Fedora
Component: anaconda (Show other bugs)
i686 Linux
medium Severity high
: ---
: ---
Assigned To: Jeremy Katz
Mike McLean
Depends On:
  Show dependency treegraph
Reported: 2003-10-06 00:11 EDT by John Powell
Modified: 2007-11-30 17:10 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-02-21 13:58:57 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
This is the anaconda-ks.cfg file auto-created by the install. (1.80 KB, text/plain)
2003-10-06 00:17 EDT, John Powell
no flags Details

  None (edit)
Description John Powell 2003-10-06 00:11:26 EDT
Description of problem:

Selecting "no firewall" during the normal graphical install is ignored.  I
selected "no firewall" and the firewall was installed with no open ports.  I was
so surprised, I re-installed from scratch just to be sure I did not make a
mistake the first time around.  I was very careful the second time, ensured I
selected no, got the nag message and clicked on "proceed".

I checked /root/anaconda-ks.cfg and it showed "firewall --enable".  I guess my
selection in the GUI was ignored.

Version-Release number of selected component (if applicable):

Not sure.  ISOs just downloaded the other day, I believe it is fedora 0.9.4,
test 2, build name is "Severn"

How reproducible:

100% on 2 tries.

Steps to Reproduce:
1. Install Severn
2. Select Server install (not sure if that is required to reproduce)
3. Select "no firewall" and click on proceed after the nag screen.
Actual results:

After rebooting twice (to be sure) I could not connect to the box from a RH9 box
on the same network for both ssh and httpd (yes, I started httpd).  I COULD
connect from the same box ("ssh localhost" and "lynx http://localhost").  Did a
"service iptables stop" and could now connect ssh and to the web server from
remote machines.

I also did a "chkconfig iptables off" and rebooted.  I could connect no problem
after this.

Expected results:

No firewall installed, should have been able to connect ssh and http without
disabling iptables.

Additional info:

Yes, I know, I should always install the firewall ;)
Comment 1 John Powell 2003-10-06 00:17:28 EDT
Created attachment 94942 [details]
This is the anaconda-ks.cfg file auto-created by the install.
Comment 2 John Powell 2003-10-06 00:23:04 EDT
I forgot to note.  Though the situation is different, this bug is likely closely
related to 105998.  In that bug the ports are ignored, in my case the overall
on/off is ignored.  In both cases the end result is a simple "firewall
--enabled" in anaconda-ks.cfg where entered configuration was ignored.
Comment 3 Jeremy Katz 2003-10-14 17:26:52 EDT

*** This bug has been marked as a duplicate of 105048 ***
Comment 4 Red Hat Bugzilla 2006-02-21 13:58:57 EST
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.

Note You need to log in before you can comment on or make changes to this bug.