On 11/09/2012 05:24 PM, Eric H. Christensen wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri, Nov 09, 2012 at 09:33:08AM -0500, Matthew Miller wrote:
https://fedoraproject.org/wiki/Features/firewalld-default
We have an accepted feature for Firewalld to be the default in Fedora 18.
This replaces iptables and ip6tables? Perhaps I have had my head in the sand
(I certainly haven't been looking around) but this is the first I've heard of a
replacement for iptables. Has firewalld been tested as well as iptables has
(which seems to be a fairly bullet-proof solution)?
Please have a look at the feature list for F-18.
firewalld replaces system-config-firewall/lokkit, and the iptables and
ip6tables services, not the iptables package and command.
The ip*tables services and also system-config-firewall/lokkit are still
available and also usable after deactivation of the firewalld serice.
With the latest request to move the services of iptables and ip6tables
in a sub package, I will add a requirement to system-config-firewall for
this.
But, I think we should strongly consider pushing this to F19, because:
...
- there's little to no documentation
I'd happily help document it in the Fedora Security Guide if I could get the
proper content or access to the developers. Heck, I'll even help write
stand-alone documentation for this project if needed.
I will provide content/help for this.
The lack of documentation is really the showstopper here. If we had really
good 1) hand-holding documentation and 2) technical documentation for
admins, I'd be more willing to take the risk. (In an even more ideal world,
the UI would be so well designed that the hand-holding documentation
wouldn't be necessary.)
+1
- -Eric "Sparks"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBAgAGBQJQnS4+AAoJEIB2q94CS7PRdGcP/1z5O5kgvHDX04E/6t3xhdWv
w2JtwDC3zYc0KlASa+XFPlqFmvQUBngI7Esy3kJ8+mas+bFwVOftTRQhZz13mmfg
C+eKe/rHtL2hEF/EDkWe23FSASrHdK6FNyotK7xxdfh3QYPGmavmFSvlETg6qUdS
kkWRrTCtkro4EirO7KGbW7DDeuzcxqK6IHy6JStdevouwaTqJ/TtdCI2vYJKDTyg
GkxQQwk00GCk7xox5dJq1jdpniVfpQ/pKAVb9BTuQYCaMCuqdv64xg6ggbkXi28T
cIFkdKxNCBw0L5Ecwg3/d4y2OlTAJmBULsAQZ7piFKXFbHPb9CofxCypGSTn5cMw
F9wnr/0geTw3UOxfi0OGNm2Wf0x2B9n7iyYZODxvihdoeg8OGbusPJr9viRYI7tA
47+/95ywXBTcAPxLwSCb3vXG2FImgnzwnaG/9xpKZk4dKAZcxQBxqlgDtBbilv8X
zvr9ArmCG9hdEAojD66AKM5Qmzse+tPaAiDFecGBvlSN3/J2AOrTF9U64Akbkzg9
+uXkV3rk/DhP0JTLXvb8Aizbb9Y51PGO/G7KZH3tCYieaCQbkNdddNbIg3WI4kV1
AEGvDd30vDdAkl17UcguV6iwPwCP0tFs9GNcJRCEninL+/bQmVs2PcpYJ5+oPBsi
vUc791SABXCttPkm1X/A
=E0LH
-----END PGP SIGNATURE-----
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
