Andrew Holway wrote:
This would perhaps be a very interesting addition to the HBAC stuff.
We're considering deploying freeipa on EC2 and LDAP backed firewalld
would be a very powerful tool for a geographically distributed system.
There is an existing open ticket for this request,
https://fedorahosted.org/freeipa/ticket/2110
A user contributed an initial design was contributed a few months ago,
http://www.freeipa.org/page/V4/Firewall_Configuration
Definitely a desirable feature, just a matter of scheduling it.
rob
On 31 December 2014 at 16:56, Jorick Astrego j.astr...@netbulae.eu
mailto:j.astr...@netbulae.eu wrote:
Hi,
FreeIPA is great! One thing I'm missing though is management of
firewalld services and ports.
Is that something that would fit in FreeIPA?
Currently we are using puppet scripts through katello/the foreman, but
as this is very error prone we'd like to have it centrally managed a
different way.
The firewall rules are very essential IMHO and I thought the whole
point
of firewalld is to have make it more manageable...
I already asked the katello guys but they don't appear very interested
in implementing something there, then I started thinking it would maybe
fit a lot better in freeIPA as it has more overlap with the other
network/authentication stuff.
It would be wasteful to have another project just for firewalld
management.
Happy new year everybody!
Jorick
**
Met vriendelijke groet, With kind regards,
Jorick Astrego*
Netbulae Virtualization Experts *
Tel: 053 20 30 270i...@netbulae.eu mailto:i...@netbulae.eu
Staalsteden 4-3A KvK 08198180
Fax: 053 20 30 271www.netbulae.eu http://www.netbulae.eu
7547
TA Enschede BTW NL821234584B01
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project