Bug 175190

Summary: Setting network interface to INT zone does not work during install (proposal discards user changes)
Product: [openSUSE] openSUSE 10.2 Reporter: Johannes Meixner <jsmeix>
Component: YaST2Assignee: Michal Zugec <mzugec>
Status: RESOLVED DUPLICATE QA Contact: Stanislav Visnovsky <visnov>
Severity: Major    
Priority: P5 - None CC: lnussel, locilka, suse-beta
Version: Beta 2 plus   
Target Milestone: ---   
Hardware: x86-64   
OS: SUSE Other   
Whiteboard:
Found By: Development Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Attachments: YaST logs (a tgz archive)

Description Johannes Meixner 2006-05-12 12:20:04 UTC 
During installation of the system I set up my network interface manually.
In the network setup I selected the "general" tab (or similar name)
and set my interface to be in the INT zone.
Nevertheless it is in the EXT zone after the installation was finished.
In y2log I have:
-----------------------------------------------------------------------------
2006-05-11 16:21:01 <1> caps(4096) [YCP] SuSEFirewall.ycp:1645
  Adding interface 'eth-id-00:50:45:00:ca:cb' into 'EXT' zone.
2006-05-11 16:28:38 <1> caps(4096) [YCP] SuSEFirewall.ycp:1645
  Adding interface 'eth-id-00:50:45:00:ca:cb' into 'EXT' zone.
2006-05-11 16:29:21 <1> caps(4096) [YCP] SuSEFirewall.ycp:1613
  Removing interface 'eth-id-00:50:45:00:ca:cb' from 'EXT' zone.
2006-05-11 16:29:21 <1> caps(4096) [YCP] SuSEFirewall.ycp:1645
  Adding interface 'eth-id-00:50:45:00:ca:cb' into 'INT' zone.
2006-05-11 16:29:28 <1> caps(4096) [YCP] SuSEFirewall.ycp:1645
  Adding interface 'eth-id-00:50:45:00:ca:cb' into 'EXT' zone.
-----------------------------------------------------------------------------
which seems to indicate that for an unknown reason my setting
was finally changed back to EXT.

Later in the running system using "yast2 firewall" it works well
to change the interfacte into the INT zone and in y2log there is
-----------------------------------------------------------------------------
2006-05-12 14:17:04 <1> caps(20091) [YCP] SuSEFirewall.ycp:1613
  Removing interface 'eth-id-00:50:45:00:ca:cb' from 'EXT' zone.
2006-05-12 14:17:04 <1> caps(20091) [YCP] SuSEFirewall.ycp:1645
  Adding interface 'eth-id-00:50:45:00:ca:cb' into 'INT' zone.
-----------------------------------------------------------------------------
Comment 1 Lukas Ocilka 2006-05-12 12:22:21 UTC 
Full log, please
Comment 2 Johannes Meixner 2006-05-12 12:24:19 UTC 
Created attachment 83217 [details]
YaST logs (a tgz archive)
Comment 4 Lukas Ocilka 2006-05-12 12:57:30 UTC 
Firewall proposal:
Proposal based on configuration: Dial-up interfaces: [], Other: ["eth-id-00:50:45:00:ca:cb"]
Adding interface 'eth-id-00:50:45:00:ca:cb' into 'EXT' zone.

Network proposal:
SuSEFirewall4Network.ycp:138 Enabling firewall because of 'eth-id-00:50:45:00:ca:cb' interface
SuSEFirewall.ycp:1645 Adding interface 'eth-id-00:50:45:00:ca:cb' into 'EXT' zone.

Network - changing defaults:
SuSEFirewall4Network.ycp:138 Enabling firewall because of 'eth-id-00:50:45:00:ca:cb' interface
SuSEFirewall.ycp:1613 Removing interface 'eth-id-00:50:45:00:ca:cb' from 'EXT' zone.
SuSEFirewall.ycp:1645 Adding interface 'eth-id-00:50:45:00:ca:cb' into 'INT' zone.

Firewall proposal again:
Proposal based on configuration: Dial-up interfaces: [], Other: ["eth-id-00:50:45:00:ca:cb"]
Adding interface 'eth-id-00:50:45:00:ca:cb' into 'EXT' zone.

Mvidner, I'm afraid, you will have to call this function in proposal when user changes something in network proposal (something -- firewall settings):

SuSEFirewallProposal.ycp:

    /**
     * Function sets that proposal was changed by user
     *
     * @param   boolean if changed by user
     */
    global define void SetChangedByUser (boolean changed) {
        y2milestone("Proposal was changed by user");
        proposal_changed_by_user = changed;
    }

... or, I could change the firewall proposal, not to propose any zone for interfaces... :)
Comment 6 Martin Vidner 2006-08-28 11:52:42 UTC 
Reassigning to the new maintainer of yast2-network.
Comment 7 Johannes Meixner 2006-11-16 15:15:03 UTC 
Still the same in openSUSE beta2plus.
---------------------------------------------------------------------------
caps:~ # egrep ' zone\.' /var/log/YaST2/y2log
2006-11-16 16:00:11 <1> caps(3672) [YCP] SuSEFirewall.ycp:1436
 Adding interface 'eth-id-00:50:45:00:ca:cb' into 'EXT' zone.
2006-11-16 16:00:42 <1> caps(3672) [YCP] SuSEFirewall.ycp:1436
 Adding interface 'eth-id-00:50:45:00:ca:cb' into 'EXT' zone.
2006-11-16 16:01:07 <1> caps(3672) [YCP] SuSEFirewall.ycp:1404
 Removing interface 'eth-id-00:50:45:00:ca:cb' from 'EXT' zone.
2006-11-16 16:01:07 <1> caps(3672) [YCP] SuSEFirewall.ycp:1436
 Adding interface 'eth-id-00:50:45:00:ca:cb' into 'INT' zone.
2006-11-16 16:01:18 <1> caps(3672) [YCP] SuSEFirewall.ycp:1436
 Adding interface 'eth-id-00:50:45:00:ca:cb' into 'EXT' zone.
---------------------------------------------------------------------------
Comment 8 Katarina Machalkova 2007-03-06 11:34:45 UTC 

*** This bug has been marked as a duplicate of bug 241107 ***