Bug 430091 - ipa-server-install should update iptables config
ipa-server-install should update iptables config
Product: freeIPA
Classification: Community
Component: ipa-server (Show other bugs)
All Linux
high Severity high
: ---
: ---
Assigned To: Simo Sorce
Chandrasekar Kannan
Depends On:
Blocks: freeipa10 429034
  Show dependency treegraph
Reported: 2008-01-24 09:27 EST by Chandrasekar Kannan
Modified: 2015-01-04 18:30 EST (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-01-25 14:48:40 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Chandrasekar Kannan 2008-01-24 09:27:28 EST
during ipa-server-install, we observed that
we if have a system with has firewall enabled, none of
the ports are then opened up. 

We believe we should automatically change iptables configuration
on the ipa-server machine to allow access to these ports.
Comment 1 Simo Sorce 2008-01-25 14:48:27 EST
I don't believe in changing firewall settings from applications.
It is not a good security practice (and I hope SELinux would prevent that anyway).

At the end of the setup script we warn admins on the ports they need to open
(and that is also documented in the docs I bellieve).

Note You need to log in before you can comment on or make changes to this bug.