Hello Vitaly, I don't think that's normal. I don't remember any moment in all these years using Fedora that I ever had a completely disabled firewall. If you ask me, that's a bug.
Kind regards, Lailah On Mon, 26 Aug 2019 at 14:31, Vitaly Zaitsev via devel < devel@lists.fedoraproject.org> wrote: > Hello all. > > Is it okay that firewall is completely disabled by default (opened all > ports 1025-65535) on Fedora Workstation? > > I think that this is a major vulnerability and it must be fixed by > changing default zone to public. > > firewall-cmd --list-all > FedoraWorkstation (active) > target: default > icmp-block-inversion: no > interfaces: enp1s0 > sources: > services: dhcpv6-client mdns samba-client ssh > ports: 1025-65535/udp 1025-65535/tcp > protocols: > masquerade: no > forward-ports: > source-ports: > icmp-blocks: > rich rules: > > -- > Sincerely, > Vitaly Zaitsev (vit...@easycoding.org) > _______________________________________________ > devel mailing list -- devel@lists.fedoraproject.org > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org >
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org