"Workstation" Product defaults to wide-open firewall

Andre Robatino robatino at fedoraproject.org
Mon Dec 8 07:58:47 UTC 2014

Kevin Kofler <kevin.kofler <at> chello.at> writes:

> I just happened to look at the firewalld default settings, and I was not 
> amused when I noticed this:
> http://pkgs.fedoraproject.org/cgit/firewalld.git/tree/FedoraWorkstation.xml
> >  <port protocol="udp" port="1025-65535"/>
> >  <port protocol="tcp" port="1025-65535"/>
> This "firewall" is a joke! ALL higher ports are wide open!

I just did a check of all the service ports and various higher port ranges
using ShieldsUP! ( https://www.grc.com/x/ne.dll?bh0bkyd2 ) and AFAICT, the
only open higher port is the one random port that Transmission is currently
using. (BTW, Transmission now seems to automatically open an incoming port -
in F20 and below I had to tell Transmission to use a fixed port instead of a
random one, and manually open that port in the firewall.) This is on a
system clean installed from Fedora-Live-Workstation-x86_64-21-5.iso.

More information about the devel mailing list