firewalld?
Patrick O'Callaghan
pocallaghan at gmail.com
Sat Feb 16 16:52:20 UTC 2013
On Sat, 2013-02-16 at 11:23 -0500, Matthew Miller wrote:
> On Fri, Feb 15, 2013 at 02:59:37PM -0430, Patrick O'Callaghan wrote:
> > explicit warning about it not checking the current state of the kernel
> > rules before overwriting them. Presumably firewall-config is more
> > careful. No-one is saying you can't write your own scripts, but the OP
>
>
> Presumably it's more careful how?
Well, the tool could check if the rules have been changed behind its
back before overwriting them. Not a complete solution without interlocks
of course, but still.
I've no idea if it actually does this. The "presumably" comes from the
absence of a warning about it, a warning which is present in the old
tool. Are you saying the risk is still there, but the warning isn't?
poc
More information about the users
mailing list