raising warning flag on firewalld-default feature
Bill Nottingham
notting at redhat.com
Tue Nov 13 20:40:54 UTC 2012
Matthew Miller (mattdm at fedoraproject.org) said:
> On Tue, Nov 13, 2012 at 06:37:37PM +0100, Thomas Woerner wrote:
> > >That's not correct. You can modify the firewall just fine without
> > >restarting it.
> > This is related to system-config-firewall/lokkit. You are right, if
> > you are using iptables directly then you do not have this
> > limitation. firewalld is a replacement for s-c-fw/lokkit.
>
> This is not what it says in the feature page at
> https://fedoraproject.org/wiki/Features/firewalld-default#Detailed_Description
>
> That says:
>
> The services iptables, iptables-ipv6 and ebtables will be replaced by
> firewalld. system-config-firewall in it's [sic] current form will also be
> replaced.
Replaced in the default configuration - you obviously shouldn't be running
firewalld and the static firewall scripts at the same time, so enabling them
in combination would be a bad idea.
Bill
More information about the devel
mailing list