Bug 197486 - system-config-security level does not retain added other ports
system-config-security level does not retain added other ports
Product: Fedora
Classification: Fedora
Component: system-config-securitylevel (Show other bugs)
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Chris Lumens
: 197751 200725 (view as bug list)
Depends On:
  Show dependency treegraph
Reported: 2006-07-02 17:41 EDT by Will Starck
Modified: 2007-11-30 17:11 EST (History)
5 users (show)

See Also:
Fixed In Version: 1.6.16-3
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-08-08 13:29:08 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Will Starck 2006-07-02 17:41:40 EDT
Description of problem:

when making changes in the gui security and firewall app, previously saved open ports are closed after 
adding a new port

Version-Release number of selected component (if applicable):

How reproducible: adding new ports under "other ports" disables previously saved other ports

Steps to Reproduce:
1. Open System>Administration>Security Level and FIrewall
2. Open Other ports and save a port, such as 110
3. Click OK then Save
4. Repeat same procedure but this time add a new port, such as 10000 or whatver
5. Click OK then Save
6. Port 110 will not be reachable 
Actual results: ports saved under "Other ports" do not retain previously saved state when new ports are 

Expected results: Opposite of above...

Additional info:
Comment 1 Will Starck 2006-07-02 17:47:16 EDT
Incidentally, the saved port will still show in the list of "other" ports, but it will not be reachable from the 
Comment 2 Ledge 2006-07-03 18:17:48 EDT
I have very similar experience to this.  Additional ports (typically larger than
1024) are not presented in the GUI, but seem to be listed with "iptables -L".

How reproducible: every time.

Steps to Reproduce:
1. Execute "iptables -L" as root and note open ports.
2. Open System>Administration>Security Level and Firewall
3. Open Other ports and save a port, such as 113, that's not listed above.
4. Click OK then Save
5. Execute "iptables -L" as root again. Port 113 is now listed (dpt:auth) as open.
6. Open System>Administration>Security Level and Firewall.  "auth:tcp" is listed
in Other Ports.  Add another port such as 7005 "afs3-volser"
7. Click OK then Save
8. Executing "iptables -L" as root indicates "afs3-volser" is open.
9. Open System>Administration>Security Level and Firewall. "afs3-volser" is NOT
listed in Other Ports.  Only "auth:tcp" is listed in the Other Ports section.

Expected Results:  both "auth:tcp" and "afs3-volers" should be listed in the
Other Ports section of the GUI.

Actual Results: Only "auth:tcp" is listed in the Other Ports section. 
"afs3-volser" is not listed in the Other Ports section.

Component Version: system-config-securitylevel-1.6.16-2
Comment 3 Chris Lumens 2006-07-06 09:49:50 EDT
*** Bug 197751 has been marked as a duplicate of this bug. ***
Comment 4 Chris Lumens 2006-07-11 13:19:00 EDT
Can you try the system-config-securitylevel from Rawhide and see if that works
better for you?  There were problems with port names containing dashes, but I
fixed those up post-FC5.  I thought it had been made into an update, but I guess
Comment 5 Nathan Bates 2006-07-17 20:48:18 EDT
I tried the latest/updated RPM before I filed this bug report.
Comment 6 Chris Lumens 2006-07-18 09:50:30 EDT
Nathan - the latest for FC5 is 1.6.16-2, which was released as an update.  That
version probably doesn't fix it either.  However, the latest in development is
1.6.22-2, which should contain a fix.  I think you should be able to install it
onto an FC5 system.  I don't think there are too many updates that will get
pulled in for it.
Comment 7 Chris Lumens 2006-08-04 13:02:13 EDT
*** Bug 200725 has been marked as a duplicate of this bug. ***
Comment 8 Chris Lumens 2006-08-04 13:03:23 EDT
Please try 1.6.16-3, in updates-testing.
Comment 9 John Mellor 2006-08-05 08:40:57 EDT
As you can verify by inspecting
there is no new system-config-securitylevel package available.  Was it withdrawn
or something?
Comment 10 Chris Lumens 2006-08-07 09:44:02 EDT
I built it on Friday, but the release team has not yet pushed it.  I guess just
check back in a day or two, and I'll bug them to make sure they do something
about it.

Note You need to log in before you can comment on or make changes to this bug.