First Last Prev Next    This bug is not in your last search results.
Bug 72636 - Lokkit doesn't block anything under high security
Lokkit doesn't block anything under high security
Status: CLOSED NOTABUG
Product: Red Hat Public Beta
Classification: Retired
Component: gnome-lokkit (Show other bugs)
null
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Bill Nottingham
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2002-08-26 04:01 EDT by Fred New
Modified: 2014-03-16 22:30 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2002-08-26 04:01:16 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Fred New 2002-08-26 04:01:10 EDT 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.0.1) Gecko/20020809

Description of problem:
I ran lokkit from an SSH session, requesting high security and an open SSH port.
 Listing iptables afterwards showed that all ports were open with all protocols.

Version-Release number of selected component (if applicable):
lokkit-0.50-17

How reproducible:
Always

Steps to Reproduce:
1. From a virtual terminal, enter "lokkit".
2. Select "high" and "customize"
3. Select SSH.
4. Select OK
5. Select OK
6. iptables --list

Actual Results:  The first few lines for the RH-Lokkit-0-50-INPUT table show the
following:

target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:ssh
flags:SYN,RST,ACK/SYN
ACCEPT     all  --  anywhere             anywhere

Expected Results:  Instead of

ACCEPT     all  --  anywhere             anywhere

I expect to see something like the following to permit X to run:

ACCEPT     tcp  --  localhost.localdomain  localhost.localdomain
ACCEPT     udp  --  localhost.localdomain  localhost.localdomain

Additional info:
Comment 1 Bill Nottingham 2002-08-27 21:28:29 EDT 
That 'anywhere' line is for traffic over the loopback interface.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.