Description of problem: The rules tcpcrypt adds are not understood by firewalld. As a result connections are not encrypted. Version-Release number of selected component (if applicable): tcpcrypt-0.4-1.fc25.x86_64 firewalld-0.4.4.5-1.fc26.noarch How reproducible: Always Steps to Reproduce: 1. Start the tcpcryptd service 2. Run "systemctl status firewalld.service" 3. Run "curl http://tcpcrypt.org/test.php | grep 'Tcpcrypt connection test'" Actual results: $ curl http://tcpcrypt.org/test.php | grep 'Tcpcrypt connection test' % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 1887 100 1887 0 0 1218 0 0:00:01 0:00:01 --:--:-- 1218 <h1>Tcpcrypt connection test: failed</h1> $ systemctl status firewalld.service ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: active (running) since Mon 2017-10-16 10:07:03 CEST; 3h 18min ago Docs: man:firewalld(1) Main PID: 1145 (firewalld) Tasks: 2 (limit: 4915) CGroup: /system.slice/firewalld.service └─1145 /usr/bin/python3 -Es /usr/sbin/firewalld --nofork --nopid Oct 16 13:02:50 erwan-desktop.corp.cloudmark.com firewalld[1145]: ERROR: Failed to load service file '/usr/lib/firewalld/services/tcpcryptd.xml': PARSE_ERROR: Unexpected element direct Oct 16 13:02:50 erwan-desktop.corp.cloudmark.com firewalld[1145]: WARNING: FedoraServer: INVALID_SERVICE: cockpit Expected results: Connection encrypted and no firewalld error. Additional info:
This message is a reminder that Fedora 26 is nearing its end of life. Approximately 4 (four) weeks from now Fedora will stop maintaining and issuing updates for Fedora 26. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '26'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 26 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
Fedora 26 changed to end-of-life (EOL) status on 2018-05-29. Fedora 26 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed.
I am reopening this bug as Fedora release 30 is still affected. This seems pretty serious to me as encryption is failing silently.
This message is a reminder that Fedora 30 is nearing its end of life. Fedora will stop maintaining and issuing updates for Fedora 30 on 2020-05-26. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '30'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 30 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
Still present in FC32. And bug 1716080 looks like a duplicate of this older bug.
Fedora 30 changed to end-of-life (EOL) status on 2020-05-26. Fedora 30 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed.
Reopening as encryption fails silently in FC32 just as it did in FC26 and in every version in between.
Does not work in Rawhide, but it doesn't fail with firewalld / nft. I just don't see it being successful with encryption.
me too same problem, my system are Fedora 33
This bug appears to have been reported against 'rawhide' during the Fedora 34 development cycle. Changing version to 34.
Still happening in Fedora 36 beta, so should be version 36 at least, possibly rawhide/Fedora 37.
This message is a reminder that Fedora Linux 34 is nearing its end of life. Fedora will stop maintaining and issuing updates for Fedora Linux 34 on 2022-06-07. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a 'version' of '34'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, change the 'version' to a later Fedora Linux version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora Linux 34 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora Linux, you are encouraged to change the 'version' to a later version prior to this bug being closed.
Happening in Fedora 36 final so this bug needs to be updated to reflect this. It's definitely neither closed nor EOL fodder.
Fedora Linux 34 entered end-of-life (EOL) status on 2022-06-07. Fedora Linux 34 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. Thank you for reporting this bug and we are sorry it could not be fixed.
Please can this be reopened and set to Fedora 36 and likely rawhide too. It's still present.
*** Bug 1716080 has been marked as a duplicate of this bug. ***
*** Bug 2159838 has been marked as a duplicate of this bug. ***
*** Bug 2213055 has been marked as a duplicate of this bug. ***
FEDORA-2023-fb7fed52b8 has been submitted as an update to Fedora 38. https://bodhi.fedoraproject.org/updates/FEDORA-2023-fb7fed52b8
FEDORA-2023-5cf032a1f1 has been submitted as an update to Fedora 37. https://bodhi.fedoraproject.org/updates/FEDORA-2023-5cf032a1f1
FEDORA-2023-5cf032a1f1 has been pushed to the Fedora 37 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-5cf032a1f1` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-5cf032a1f1 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2023-fb7fed52b8 has been pushed to the Fedora 38 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-fb7fed52b8` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-fb7fed52b8 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2023-5cf032a1f1 has been pushed to the Fedora 37 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2023-fb7fed52b8 has been pushed to the Fedora 38 stable repository. If problem still persists, please make note of it in this bug report.