From 6e2c94483c8c4a04445abd7cc7dd61a47c343139 Mon Sep 17 00:00:00 2001 From: Traci Morrison Date: Thu, 17 Oct 2019 10:06:01 -0400 Subject: [PATCH] Remove duplicate firewall section --- ee/ucp/admin/install/system-requirements.md | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/ee/ucp/admin/install/system-requirements.md b/ee/ucp/admin/install/system-requirements.md index a1bf441586..64e87ad3ff 100644 --- a/ee/ucp/admin/install/system-requirements.md +++ b/ee/ucp/admin/install/system-requirements.md @@ -73,7 +73,7 @@ host types: | Hosts | Port | Scope | Purpose | | :---------------- | :---------------------- | :----------------- | :---------------------------------------------------------------------------- | -| managers, workers | TCP 179 | Internal | Port for BGP peers, used for kubernetes networking | +| managers, workers | TCP 179 | Internal | Port for BGP peers, used for Kubernetes networking | | managers | TCP 443 (configurable) | External, Internal | Port for the UCP web UI and API | | managers | TCP 2376 (configurable) | Internal | Port for the Docker Swarm manager. Used for backwards compatibility | | managers | TCP 2377 (configurable) | Internal | Port for control communication between swarm nodes | @@ -105,14 +105,6 @@ prior to installing UCP. ``` 2. Run `service network restart`. -## Avoid firewall conflicts - -For SUSE Linux Enterprise Server 12 SP2 (SLES12), the `FW_LO_NOTRACK` flag is turned on by default in the openSUSE firewall. This speeds up packet processing on the loopback interface, and breaks certain firewall setups that need to redirect outgoing packets via custom rules on the local machine. - -To turn off the FW_LO_NOTRACK option, edit the `/etc/sysconfig/SuSEfirewall2` file and set `FW_LO_NOTRACK="no"`. Save the file and restart the firewall or reboot. - -For SUSE Linux Enterprise Server 12 SP3, the default value for `FW_LO_NOTRACK` was changed to `no`. - ## Enable ESP traffic For overlay networks with encryption to work, you need to ensure that