Disabling firewalld on AWS?

Matthew Miller mattdm at fedoraproject.org
Wed Sep 11 12:37:13 UTC 2013


On Tue, Sep 10, 2013 at 11:36:01PM -0400, Sam Kottler wrote:
> Given the deny-by-default nature of security groups I think it makes sense
> to disable firewalld in the AMI's. I haven't seen any other AMI's that
> have a firewall enabled by default and we probably shouldn't break that
> pattern IMO.
> Thoughts?

We do disable firewalld by default, but based on an earlier discussion, we
leave a basic iptables firewall in place. As always, I'm willing to revisit
these things.

Note that since Anaconda _requires_ firewalld to configure the firewall, we
have to remove it in %post.

https://bugzilla.redhat.com/show_bug.cgi?id=1004976




-- 
Matthew Miller  ☁☁☁  Fedora Cloud Architect  ☁☁☁  <mattdm at fedoraproject.org>


More information about the cloud mailing list