On 3/22/2015 4:15 PM, [email protected] wrote: > On Sun, Mar 22, 2015, at 03:52 PM, Tom Eastep wrote: >> Which distros do you run? > > In no particular order or quantities, last check shows we've got > server/project instances of > Centos, RedFlag, Fermi, Mageia, Debian, Poseidon, Gentoo, Arch, Fedora, > Finnix, Mandriva, openSUSE, Mint, Ubuntu, SUSE, RedHat, EnGarde, ClearOS, > Oracle, Scientific, Kali, Knoppix & Raspbian.
You're going to have lots of fun understanding how to make Shorewall-init work on all of those. > > Some there's got lots of, some not, for sure. Most are Arch, Gentoo, Ubuntu > & Debain, with a bunch of Centos & openSUSE around. And of course different > versions of each. > > Bleedin' nightmare if you ask me, but the servers aren't generally my > responsibility or in my control. But the security on those server is soon > going to be. And firewall's obviously one part of that. > > What I do know is that I want one version of firewall, with similar if not > the same versions of iptables & ipset, and it all centrally managed. Remember that iptables and ipset generally have a kernel version dependency. So just because a particular version of one of those CLIs supports a given feature, that feature can still depend on the kernel version. > > Ideally, in a single, locally built, tarball that I can deploy to any machine > with a similar arch into a well contined /opt/shorewall or > /usr/local/shorewall, install the systemd service files (or init files for > the laggards), and execute it, and upgrade it from central mgmt. > You might be able to install Shorewall-init into a well-contained environment, but it won't do anything. It depends on being installed with the name and location required by the distribution's interface-management software. Why do you believe that you need Shorewall-init? -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
