PDA

View Full Version : SLES 12 Opening port 443 fails with YaST



villepekka_alakulppi
29-Dec-2015, 13:29
Hello,

for some reason I am unable to open port 443 with YaST. I am able to add the port number to the list of open ports, but it simply disappears after I navigate OK > Next > Finish. In the past I have been able to open other ports on this machine (20 for example).

This is rather peculiar because I am able to open any port (including 443) the exact same way just fine on other machines running the same system (SLES 12). The same happens regardless of whether I use the command line or navigate through the GUI.

This particular machine has Apache installed on it, which I suspect must be causing this somehow. What I'm trying to do is configure Apache to use SSL and opening this port is logically documented as a prerequisite.

malcolmlewis
29-Dec-2015, 16:04
On Tue 29 Dec 2015 12:34:02 PM CST, villepekka alakulppi wrote:

Hello,

for some reason I am unable to open port 443 with YaST. I am able to add
the port number to the list of open ports, but it simply disappears
after I navigate OK > Next > Finish. In the past I have been able to
open other ports on this machine (20 for example).

This is rather peculiar because I am able to open any port (including
443) the exact same way just fine on other machines running the same
system (SLES 12). The same happens regardless of whether I use the
command line or navigate through the GUI.

This particular machine has Apache installed on it, which I suspect must
be causing this somehow. What I'm trying to do is configure Apache to
use SSL and opening this port is logically documented as a prerequisite.




Hi
In YaST add via the 'Allowed' services drop down rather than specifying
the port.

--
Cheers Malcolm °¿° LFCS, SUSE Knowledge Partner (Linux Counter #276890)
SUSE Linux Enterprise Desktop 12 | GNOME 3.10.1 | 3.12.51-52.31-default
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below... Thanks!

ab
29-Dec-2015, 16:22
And with this in mind, I think Yast does this automatically. If you add a
port it knows, it converts it to the service name for you so you need not
go into Advanced in the future, but can see all things from a simpler view.


--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...

villepekka_alakulppi
29-Dec-2015, 16:35
Does that mean that the entry "HTTPS Server (Description: Opens ports for Apache web server)" on my list of Allowed Services is the actual port opening for 443?

ab
29-Dec-2015, 16:52
On 12/29/2015 08:44 AM, villepekka alakulppi wrote:
>
> Does that mean that the entry "HTTPS Server (Description: Opens ports
> for Apache web server)" on my list of Allowed Services is the actual
> port opening for 443?

Yes, or to be more-specific as you probably realize, the Firewall section
in general manages what the kernel allows through the firewall, but des
not actually do anything with regard to opening or closing the port, which
is handled by applications who register he socket for listening regardless
of firewall settings.

It's a bit pedantic in its difference, but it matters a lot since it's
trivial to have a port set to LISTEN because an application binds it even
though the firewall may block outside access, and it is also trivial to
allow a socket in a firewall even though no application will ever listen
for unsolicited connections on that socket.


--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...