On 2020-02-21 11:25, Ed Greshko wrote:
On 2020-02-21 11:17, John M. Harris Jr wrote:
This exact scenario is why I don't believe the GNOME Spin should have ever been allowed to effectively disable the firewall with their absurd FedoraWorkstation firewall zone.
What do you find absurd about the FedoraWorkstation zone?
[root@f31g ~]# firewall-cmd --info-zone=FedoraWorkstation FedoraWorkstation (active) target: default icmp-block-inversion: no interfaces: enp1s0 sources: services: dhcpv6-client mdns samba-client ssh vnc-server ports: protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules:
[root@f31g ~]# firewall-cmd --info-zone=public public target: default icmp-block-inversion: no interfaces: sources: services: dhcpv6-client mdns ssh vnc-server ports: protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules:
The only difference between public and FedoraWorkstation seems to be the inclusion of samba-client.
Oh, never mind. Wrong system. The "default" rules for FedoraWorkstationso seem "odd".
[root@f31m ~]# firewall-cmd --info-zone=FedoraWorkstation FedoraWorkstation target: default icmp-block-inversion: no interfaces: sources: services: dhcpv6-client samba-client ssh ports: 1025-65535/udp 1025-65535/tcp protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules: