[cloud] #113: Ship with firewall on by default
Fedora Cloud Trac Tickets
cloud-trac at fedoraproject.org
Tue Jul 28 19:16:18 UTC 2015
#113: Ship with firewall on by default
-----------------------+---------------------
Reporter: dustymabe | Owner:
Type: task | Status: new
Priority: normal | Milestone: Future
Component: --- | Resolution:
Keywords: meeting |
-----------------------+---------------------
Comment (by ryansb):
Agreed, the target use cases (GCE, EC2, OpenStack, whatever) all have
network security external to the instance. Anyone who needs the firewall
active can, as you said, use cloud-init or chef/puppet/ansible/salt.
For casual cloud users, having an instance firewall deny them after
they've set up security groups to allow the traffic would probably be
confusing if they assume security groups "are" the firewall.
--
Ticket URL: <https://fedorahosted.org/cloud/ticket/113#comment:2>
cloud <https://fedorahosted.org/cloud>
Fedora Cloud Working Group Ticketing System
More information about the cloud
mailing list