On 11/19/2016 06:24 AM, permondes - sagen wrote: > firewalld has a conffile prompt and I am not sure which version I should > use. The changes are: > >> -DefaultZone=external >> +DefaultZone=public >> IPv6_rpfilter=yes >> +IndividualCalls=no >> +LogDenied=off > > Is it save to take the new settings or will e.g. DefaultZone impact > FreedomBox?
FreedomBox does expect the DefaultZone to be external. I think the safest option is to: 1) Choose 'y' to take the maintainer's version of this file. 2) Run "sudo firewall-cmd --set-default-zone=external" to change the DefaultZone back to external. Of course this is not a good user experience, and will prevent automatic upgrades of firewalld whenever the package modifies this file. The root cause is that /etc/firewalld/firewalld.conf is a conffile, and firewalld modifies this file when we run the above command. -- James
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
