Hello Vitaly,
I don't think that's normal. I don't remember any moment in all these
years using Fedora that I ever had a completely disabled firewall. If you
ask me, that's a bug.
Kind regards,
Lailah
On Mon, 26 Aug 2019 at 14:31, Vitaly Zaitsev via devel <
devel(a)lists.fedoraproject.org> wrote:
Hello all.
Is it okay that firewall is completely disabled by default (opened all
ports 1025-65535) on Fedora Workstation?
I think that this is a major vulnerability and it must be fixed by
changing default zone to public.
firewall-cmd --list-all
FedoraWorkstation (active)
target: default
icmp-block-inversion: no
interfaces: enp1s0
sources:
services: dhcpv6-client mdns samba-client ssh
ports: 1025-65535/udp 1025-65535/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
--
Sincerely,
Vitaly Zaitsev (vitaly(a)easycoding.org)
_______________________________________________
devel mailing list -- devel(a)lists.fedoraproject.org
To unsubscribe send an email to devel-leave(a)lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org