Disabling Firewall in Kickstart but ports are still not open

[roybfr]

I have a live CD I build where I used "firewall --disabled", but once the box has booted I noticed that I could not ssh into the box and found that port 22 was not responding. So I had to enable the firewall, add an exception for port 22 and then I could get in. I also noticed that if I redisabled the firewall I could still get in on port 22 but other ports that were not originally open were still closed (example port 123 for time) even though the firewall was again turned off.

Anyone have any idea as to what this is happening?

[roybfr]

Never mind I just figured out "firewall --disabled" does not disable iptables form running but instead leaves it at default.

[sideways]

the kickstart config is far from intuitive. If you set "selinux --disabled" then the livecd-creator script complains it can't find the 'lokkit' firewall utility - go figure ??

(you can get rid of the error by adding the package system-config-firewall-tui, which just seems silly to me)

[roybfr]

I agree, I about went Office Space on my computer this past week. For the life of me I could not get
firewall -enabled --ssh or firewall -enabled --port=22:tcp to work. So instead I had to add some iptables entries to the post% part of my kick start script, so still got to where I wanted to in the end just had to take a different route.