CentOS7 firewall?

Alex Sage

@JaredBusch Can you see what else is missing?

Alex Sage

Need to know if I need to rebuild all my servers

Alex Sage

So I guess the lesson I learned is always use the full DVD???

scottalanmiller

@JaredBusch said:

@scottalanmiller said:

@anonymous said:

@scottalanmiller But it is no firewall is running by default

Ah, it is installed but not running.

no, it is not installed at all see my above screen shot..

The firewall (iptables) is installed according to @anonymous screen shot. And on a new build from an hour ago that I am testing. But firewalld (the management tool) is not. But iptables won't start, which is the bigger problem. It looks like no scripts for starting it are installed.

MattSpeller

@anonymous said:

So I guess the lesson I learned is always use the full DVD???

Or at least be really sure of whats on each version

Alex Sage

@MattSpeller a minimal install should be minimal install regardless of media used.

scottalanmiller

@anonymous said:

@MattSpeller Minimal should be Minimal regardless of media used.

Should definitely be the same.

JaredBusch

@JaredBusch said:

@scottalanmiller said:

@anonymous said:

@scottalanmiller But it is no firewall is running by default

Ah, it is installed but not running.

no, it is not installed at all see my above screen shot..

and wow that post keeps moving down..

scottalanmiller

The current status is that a default minimal install leaves the system exposed. My only guess is that they decided that with the move to a new management interface that they decided that people needed to choose which to install before moving forward no matter what?

MattSpeller

@anonymous said:

@MattSpeller a minimal install should be minimal install regardless of media used.

Ah I didn't understand that was the issue, thought you were doing full install from full media

scottalanmiller

@JaredBusch said:

@JaredBusch said:

@scottalanmiller said:

@anonymous said:

@scottalanmiller But it is no firewall is running by default

Ah, it is installed but not running.

no, it is not installed at all see my above screen shot..

and wow that post keeps moving down..

Yeah, I htought that you were posting it over and over. Then I realized it just woudn't leave teh bottom . Very odd.

Alex Sage

Should we contact someone about this? Does anyone care? It seems like a huge security problem to me, but I tend to over react

scottalanmiller

@anonymous said:

Need to know if I need to rebuild all my servers

Just install the firewalld component, I would assume.

JaredBusch

@scottalanmiller said:

@JaredBusch said:

@JaredBusch said:

@scottalanmiller said:

@anonymous said:

@scottalanmiller But it is no firewall is running by default

Ah, it is installed but not running.

no, it is not installed at all see my above screen shot..

and wow that post keeps moving down..

Yeah, I htought that you were posting it over and over. Then I realized it just woudn't leave teh bottom . Very odd.

did an F5 and it stopped doing that.

scottalanmiller

@JaredBusch said:

@scottalanmiller said:

@JaredBusch said:

@JaredBusch said:

@scottalanmiller said:

@anonymous said:

@scottalanmiller But it is no firewall is running by default

Ah, it is installed but not running.

no, it is not installed at all see my above screen shot..

and wow that post keeps moving down..

Yeah, I htought that you were posting it over and over. Then I realized it just woudn't leave teh bottom . Very odd.

did an F5 and it stopped doing that.

Yeah, same here. Very weird that we both got the same glitch and it appeared to be on the client side!

JaredBusch

@scottalanmiller said:

@anonymous said:

@JaredBusch Do you know of anyway to compare the two installs to see what packages are different? It would be interesting to know.

rpm -ql >> list

On each box. The do a diff on the two lists.

[root@testcos7 ~]# rpm -ql
rpm: no arguments given for query

Alex Sage

@MattSpeller I was doing a minimal install from the minimal install media. Regardless, you should get the same result if you do a minimal install from the DVD media. You do not, and this makes me a sad panda.

JaredBusch

@anonymous said:

@MattSpeller I was doing a minimal install from the minimal install media. Regardless, you should get the same result if you do a minimal install from the DVD media. You do not, and this makes me a sad panda.

Once I figure out how to get the package lists I will get the differences for you.

Alex Sage

@JaredBusch

yum list installed >> list

This works, I just tried it to make sure

JaredBusch

@anonymous said:

@JaredBusch

yum list installed >> list

This works, I just tried it to make sure

[root@testcos7dvd ~]# diff listdvd listmin
5d4
< NetworkManager-team.x86_64            1:1.0.6-27.el7                   @anaconda
6a6
> NetworkManager-wifi.x86_64            1:1.0.6-27.el7                   @anaconda
61d60
< ebtables.x86_64                       2.0.10-13.el7                    @anaconda
74d72
< firewalld.noarch                      0.3.9-14.el7                     @anaconda
124,125d121
< iwl7265-firmware.noarch               22.0.7.0-43.el7                  @anaconda
< jansson.x86_64                        2.4-6.el7                        @anaconda
170d165
< libnl3-cli.x86_64                     3.2.21-10.el7                    @anaconda
177d171
< libselinux-python.x86_64              2.2.2-6.el7                      @anaconda
185d178
< libsysfs.x86_64                       2.1.0-16.el7                     @anaconda
187d179
< libteam.x86_64                        1.17-5.el7                       @anaconda
259,260d250
< python-slip.noarch                    0.4.0-2.el7                      @anaconda
< python-slip-dbus.noarch               0.4.0-2.el7                      @anaconda
264d253
< rdma.noarch                           7.2_4.1_rc6-1.el7                @anaconda
289d277
< teamd.x86_64                          1.17-5.el7                       @anaconda
[root@testcos7dvd ~]#