Bug 683824

Summary: firewall: get rid of "advanced" ports
Product: [openSUSE] openSUSE 11.4 Reporter: macias - <bluedzins>
Component: YaST2Assignee: Lukas Ocilka <locilka>
Status: VERIFIED FEATURE QA Contact: Jiri Srain <jsrain>
Severity: Normal    
Priority: P5 - None    
Version: Final   
Target Milestone: ---   
Hardware: x86-64   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description macias - 2011-03-30 16:13:15 UTC 
You can make exceptions for zone, and open for example cups ports. However if you want to open an arbitrary port, this is advanced feature and you don't simply add exception, you define advanced opened port.

a) I don't see how this is advanced feature, and from my POV opening cups port is at the same level of opening port 100

b) please note you can open the same "basic" ports via "advanced" button

c) I don't know what was the purpose of such design, but I know the effect for sure -- it is hard to trace opened ports, because instead of the list, you have to check the list AND small button "advanced" which can reveal a bunch of opened extra ports

So please, get rid of it. Put _all_ opened ports in one list, don't split the data to basic ports and advanced ports. User should add to the list either predefined port or arbitrary port, meaning selecting from combobox name of the service, or entering the number + type (TCP, UDP...).

Current UI design is obscure and can reach to security breach.
Comment 1 Zhi Juan Jia 2011-03-31 09:27:42 UTC 
Please attach y2logs. If you are in doubt follow:
http://en.opensuse.org/openSUSE:Bugreport_YaST
Thanks!
Comment 2 macias - 2011-03-31 15:25:08 UTC 
UI has nothing do with really:
https://bugzilla.novell.com/attachment.cgi?id=420029
Comment 3 Lukas Ocilka 2011-04-04 13:33:24 UTC 
Sorry, this works as designed. For changes in design use openFATE, thanks.