Red Hat Bugzilla – Bug 120559
"No Firewall" still installs basic firewall
Last modified: 2007-11-30 17:10:40 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6)
Description of problem:
When selecting (and reiterating later) "No Firewall" during
installation (Fedora Core2 test2, but earlier FC & RH releases as
well) it still installs a basic 'workstation-style' firewall, allowing
only ESTABLISHED and RELATED state traffic in.
If "No Firewall" is selected (and confirmed via pop-up) then there
should be NO default rules stored in /etc/sysconfig/iptables. The
first thing I do after an install (network unplugged) is login and
configure services and a custom firewall startup - I shouldn't need to
flush rules, delete a chain, and re-save the empty ruleset - that's
why I selected "No Firewall" in the first place...
(And maybe change 'RH' in added firewall chain names to 'FC' ?)
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. select "no firewall" during the pertinent installation step
2. reiterate "no firewall" when pop-up prompts
3. after reboot, "iptables -vnL"
Actual Results: INPUT chain default policy set to DROP
single INPUT chain rule pointing to custom chain
custom chain accepting ESTABLISHED & RELATED state connections, input
on lo, etc.
Expected Results: INPUT policy ACCEPT
(I've not selected "security" for severity since, while definitely
security-related, it's not a lessening or breach in security)
This is fixed post-test2