Am 14.11.2012 01:52, schrieb Adam Williamson:
I don't think that maintaining iptables/s-c-f forever as a
'lightweight
alternative' to firewalld is the way to go
IT IS the way to go!
not as default, not supported via GUI is OK
but iptables.service and "configuration" with shellscripts is what
in many professional usecases is needed, the only thing which is
needed by administrators is the iptables-command and iptables.service
loading "/etc/sysconfig/iptables" at startup
so you can satisfy the desktop users with GUI/firewalld and
do not punish professional users with iptables-rules you
never can put in any GUI