[systemsettings] [Bug 448407] New: Contradictory firewall status information with nftables / firewalld and Plasma System Settings Firewall

Thu, 13 Jan 2022 14:51:33 -0800 

https://bugs.kde.org/show_bug.cgi?id=448407

            Bug ID: 448407
           Summary: Contradictory firewall status information with
                    nftables / firewalld and Plasma System Settings
                    Firewall
           Product: systemsettings
           Version: 5.23.5
          Platform: Archlinux Packages
                OS: Linux
            Status: REPORTED
          Severity: normal
          Priority: NOR
         Component: kcm_firewall
          Assignee: [email protected]
          Reporter: [email protected]
                CC: [email protected]
  Target Milestone: ---

SUMMARY
I've got both iptables, nftables and firewalld installed. Cannot remove
iptables because it is a dependency of systemd.

The issue is that the Plasma Firewall inside the System Settings shows that the
"Default Incoming Policy" and "Default Outgoing Policy" are "Allow", when this
is not true in practice. The currently used connection is using the wlp3s0
interface.

------------------------------------------------------------------------------------------------------------------------------------------------------------
Output of iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

------------------------------------------------------------------------------------------------------------------------------------------------------------
Output of firewall-cmd --get-active-zones
public
  interfaces: wlp3s0
trusted
  interfaces: lo

------------------------------------------------------------------------------------------------------------------------------------------------------------
Output of firewall-cmd --info-zone=public
public (active)
  target: DROP
  icmp-block-inversion: no
  interfaces: wlp3s0
  sources: 
  services: dhcpv6-client
  ports: 
  protocols: 
  forward: yes
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules:

OBSERVED RESULT
Plasma Firewall shows that the "Default Incoming Policy" and "Default Outgoing
Policy" are "Allow".

EXPECTED RESULT
Plasma Firewall should show that the "Default Incoming Policy" is "Drop" and
"Default Outgoing Policy" is "Allow".

SOFTWARE/OS VERSIONS
firewalld 1.0.2-2
iptables 1:1.8.7-1
nftables 1:1.0.1-3
Operating System: Arch Linux
KDE Plasma Version: 5.23.5
KDE Frameworks Version: 5.90.0
Qt Version: 5.15.2
Kernel Version: 5.15.13-zen1-1-zen (64-bit)
Graphics Platform: Wayland
Processors: 8 × Intel® Core™ i5-8250U CPU @ 1.60GHz
Memory: 7,6 GiB of RAM
Graphics Processor: Mesa Intel® UHD Graphics 620

-- 
You are receiving this mail because:
You are watching all bug changes.

Reply via email to