Red Hat Bugzilla – Bug 197486
system-config-security level does not retain added other ports
Last modified: 2007-11-30 17:11:36 EST
Description of problem:
when making changes in the gui security and firewall app, previously saved open ports are closed after
adding a new port
Version-Release number of selected component (if applicable):
How reproducible: adding new ports under "other ports" disables previously saved other ports
Steps to Reproduce:
1. Open System>Administration>Security Level and FIrewall
2. Open Other ports and save a port, such as 110
3. Click OK then Save
4. Repeat same procedure but this time add a new port, such as 10000 or whatver
5. Click OK then Save
6. Port 110 will not be reachable
Actual results: ports saved under "Other ports" do not retain previously saved state when new ports are
Expected results: Opposite of above...
Incidentally, the saved port will still show in the list of "other" ports, but it will not be reachable from the
I have very similar experience to this. Additional ports (typically larger than
1024) are not presented in the GUI, but seem to be listed with "iptables -L".
How reproducible: every time.
Steps to Reproduce:
1. Execute "iptables -L" as root and note open ports.
2. Open System>Administration>Security Level and Firewall
3. Open Other ports and save a port, such as 113, that's not listed above.
4. Click OK then Save
5. Execute "iptables -L" as root again. Port 113 is now listed (dpt:auth) as open.
6. Open System>Administration>Security Level and Firewall. "auth:tcp" is listed
in Other Ports. Add another port such as 7005 "afs3-volser"
7. Click OK then Save
8. Executing "iptables -L" as root indicates "afs3-volser" is open.
9. Open System>Administration>Security Level and Firewall. "afs3-volser" is NOT
listed in Other Ports. Only "auth:tcp" is listed in the Other Ports section.
Expected Results: both "auth:tcp" and "afs3-volers" should be listed in the
Other Ports section of the GUI.
Actual Results: Only "auth:tcp" is listed in the Other Ports section.
"afs3-volser" is not listed in the Other Ports section.
Component Version: system-config-securitylevel-1.6.16-2
*** Bug 197751 has been marked as a duplicate of this bug. ***
Can you try the system-config-securitylevel from Rawhide and see if that works
better for you? There were problems with port names containing dashes, but I
fixed those up post-FC5. I thought it had been made into an update, but I guess
I tried the latest/updated RPM before I filed this bug report.
Nathan - the latest for FC5 is 1.6.16-2, which was released as an update. That
version probably doesn't fix it either. However, the latest in development is
1.6.22-2, which should contain a fix. I think you should be able to install it
onto an FC5 system. I don't think there are too many updates that will get
pulled in for it.
*** Bug 200725 has been marked as a duplicate of this bug. ***
Please try 1.6.16-3, in updates-testing.
As you can verify by inspecting
there is no new system-config-securitylevel package available. Was it withdrawn
I built it on Friday, but the release team has not yet pushed it. I guess just
check back in a day or two, and I'll bug them to make sure they do something