QA:Testcase firewall config

From FedoraProject

(Difference between revisions)
Jump to: navigation, search
(Created page with "= Description = firewall-config knows everything that we've already tested in previous test cases. == Changing default zone == The ''Change Default Zone'' button does the sam...")
 
Line 1: Line 1:
 
= Description =
 
= Description =
firewall-config knows everything that we've already tested in previous test cases.
+
''firewall-config'' is a GUI to firewalld and knows everything that we've already tested in previous test cases.
  
 
== Changing default zone ==
 
== Changing default zone ==
Line 23: Line 23:
  
 
==== How to test ====
 
==== How to test ====
Set view to ''persistent'', click on zone ''internal'', try adding/changing various services, ports etc. and check whether the configuration in ''/etc/firewalld/zones/internal.xml'' gets changed. Do ''service firewalld restart'' and make sure the changes you had done survived the restart and are now active:
+
Set view to ''persistent'', click on zone ''internal'', try adding/changing various services, ports etc. and check whether the configuration in ''/etc/firewalld/zones/internal.xml'' gets changed. Press ''Reload Firewalld'' button (or do ''service firewalld restart'') and make sure the changes you had done survived the restart and are now active:
 
   firewall-cmd --zone=internal --list-all
 
   firewall-cmd --zone=internal --list-all
 
   iptables-save | grep internal
 
   iptables-save | grep internal

Revision as of 14:08, 11 December 2012

Contents

Description

firewall-config is a GUI to firewalld and knows everything that we've already tested in previous test cases.

Changing default zone

The Change Default Zone button does the same as firewall-cmd --set-default-zone=zone, see: Test case 2

Runtime and Persistent configuration

On the left side there's a zone list. Clicking on the zone name it's configuration is read and you can change it. The combo box next to "Current view" switches between persistent and runtime configuration.

Runtime configuration

If you change runtime configuration the changes are imediately aplied to the active configuration without a need to restart or confirm anything.

How to test

Set view to runtime, click on zone home, try adding/changing various services, ports etc. and check whether the runtime configuration changes correctly with:

 firewall-cmd --zone=home --list-all
 iptables-save | grep home

Do service firewalld restart and make sure the runtime changes are gone.

Persistent configuration

In a persistent view you can do the same but the changes are done in configuration files (/etc/firewalld/) and you have to press the Reload Firewalld button for the persistent configuration to become active. In the persistent view you can also add and edit zones, services and ICMP types.

How to test

Set view to persistent, click on zone internal, try adding/changing various services, ports etc. and check whether the configuration in /etc/firewalld/zones/internal.xml gets changed. Press Reload Firewalld button (or do service firewalld restart) and make sure the changes you had done survived the restart and are now active:

 firewall-cmd --zone=internal --list-all
 iptables-save | grep internal