Description of problem:
Tinc (http://www.tinc-vpn.org/) is a popular, cross-distro VPN solution that allows MESH networks. For RedHat family, it is available in Fedora EPEL.
According to documentation, tinc uses port 655 for its VPN interface (http://tinc-vpn.org/documentation/Example-configuration.html), probably both TCP and UDP.
In order to allow its speedy usage on a larger number of systems, including production ones, and smooth usage of firewalld systems, please add:
- a specific, predefined service for it under /usr/lib/firewalld/services/
- appropriate permissions, including SELinux, if necessary
(In reply to Răzvan Sandu from comment #0)
> According to documentation, tinc uses port 655
Yes, looks like that
# grep tinc /etc/services
tinc 655/tcp # TINC
tinc 655/udp # TINC
Thank you very much, that is exactly what we need.
Please see also bug #1155972, which is related.
firewalld-0.3.13-1.fc21 has been submitted as an update for Fedora 21.
firewalld-0.3.13-1.fc20 has been submitted as an update for Fedora 20.
* should fix your issue,
* was pushed to the Fedora 21 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing firewalld-0.3.13-1.fc21'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).
firewalld-0.3.13-1.fc20 works but firewalld-0.3.13-1.fc21 isn't installable
firewalld-0.3.13-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
firewalld-0.3.13-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
Tinc VPN daemon (http://www.tinc-vpn.org/) sends/receives packets over 655 UDP.
Similar to openvpn.xml, please add the following standard service to firewalld RPM, with appropriate permissions:
<?xml version="1.0" encoding="utf-8"?>
<service>
  <description>tinc is a virtual private network (VPN) solution. It is used to create encrypted mesh tunnels between computers. If you plan to provide a VPN service via tinc, enable this option.</description>
  <port protocol="udp" port="655"/>
</service>
It has been there since firewalld-0.3.13. Have you tried that version?
Hello and thanks, :)
No, I didn't, since I only have production machines here. I am using CentOS and the version of tinc available in Fedora's EPEL.
The only correction seems to be that only UDP is needed in the service file, similar to present openvpn.xml one.
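Added example, not part of the bug report and not firewalld's own code: a small check that lists which port/protocol pairs a firewalld service definition opens and compares them with the `/etc/services` registrations for the same name, so a reviewer can see exactly what a service file would expose. The function names and the embedded sample input are constructed for illustration, modelled on the lines quoted in this report.

```python
import xml.etree.ElementTree as ET

# Constructed sample input, modelled on the /etc/services lines and the
# proposed service definition quoted in this report.
ETC_SERVICES = """\
tinc 655/tcp # TINC
tinc 655/udp # TINC
openvpn 1194/tcp
openvpn 1194/udp
"""

SERVICE_XML = """\
<?xml version="1.0" encoding="utf-8"?>
<service>
  <description>tinc is a virtual private network (VPN) solution.</description>
  <port protocol="udp" port="655"/>
</service>
"""


def registered_ports(services_text, name):
    """Return {(port, proto)} registered for `name` in /etc/services text."""
    found = set()
    for line in services_text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop trailing comment
        if len(fields) < 2 or "/" not in fields[1]:
            continue
        # fields: official name, port/proto, optional aliases
        if name in [fields[0]] + fields[2:]:
            port, proto = fields[1].split("/", 1)
            found.add((port, proto.lower()))
    return found


def opened_ports(service_xml):
    """Return {(port, proto)} that a firewalld service definition opens."""
    root = ET.fromstring(service_xml.encode("utf-8"))
    if root.tag != "service":
        raise ValueError("root element must be <service>")
    return {(p.get("port", ""), p.get("protocol", "").lower())
            for p in root.findall("port")}


def compare(service_xml, services_text, name):
    """Report ports that are only registered and ports that are only opened."""
    opened = opened_ports(service_xml)
    registered = registered_ports(services_text, name)
    return {"not_opened": sorted(registered - opened),
            "unregistered": sorted(opened - registered)}


if __name__ == "__main__":
    print(compare(SERVICE_XML, ETC_SERVICES, "tinc"))
```

On a real host, pass the contents of `/etc/services` and of the service file under `/usr/lib/firewalld/services/` instead of the embedded samples.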