Red Hat Bugzilla – Bug 72678
RFE: Tool doesn't remember current settings
Last modified: 2014-03-16 22:30:30 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 Galeon/1.2.5 (X11; Linux i686; U;) Gecko/20020809
Description of problem:
The tool does not remember any of your current settings, always defaulting to
high security with default firewall rules.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Set your firewall rules. Close the application
2. Restart the application
Expected Results: Tool should detect my previous settings and let me further
change my rules.
This should really be changed to be a Request for Enhancement (RFE) for the
software to read the existing/current configuration and use that as a starting
point for configuration.
Good point. I have done this now.
redhat-config-securitylevel calls lokkit to set the firewall level. What's
needed is a way for lokkit to have a way of telling what level it setup last.
So, if I could call something like "lokkit --level", it could return something
like "High" or "Off". Then redhat-config-securitylevel would have a way of
knowing what the current firewall setting looks like.
I'm changing the component to lokkit, but please transfer this bug back to
redhat-config-securitylevel if/when lokkit has this ability.
Hmm, lokkit isn't a component but gnome-lokkit is.
Same problem with setup, Firewall Configuration....
root # setup
select Firewall Configuration
change the firewall settings
Does not reflect to the actual settings.
*** Bug 73057 has been marked as a duplicate of this bug. ***
*** Bug 73286 has been marked as a duplicate of this bug. ***
Are you sure gnome-lokkit will ever get that ability? I ask because there's a
big difference between a wizard style GUI (gnome-lokkit) and the type of GUI
redhat-config-securitylevel has. When using a configuration wizard you don't
expect your old settings being presented, but when using an "ordinary" GUI you
do. When I fired up redhat-config-securirylevel for the first time it was to
view the current firewall settings. I wouldn't even consider to use gnome-
lokkit for the same purpose, of course.
voz, I'm requesting that the functionality be added to lokkit, not specifically
the gnome-lokkit frontend. However, the bug is filed against gnome-lokkit since
the lokkit backend comes from the same source RPM as gnome-lokkit. Bugzilla's
component list comes from the source RPMs, not the binary RPM packages.
*** Bug 75350 has been marked as a duplicate of this bug. ***
*** Bug 75926 has been marked as a duplicate of this bug. ***
*** This bug has been marked as a duplicate of 25510 ***
Isn't marking this as a duplicate to 25510 risky, in that before 8.0 lokkit
deals with ipchains, not iptables? Are you sure this will cover both?