[cloud] #113: Ship with firewall on by default

Fedora Cloud Trac Tickets cloud-trac at fedoraproject.org
Tue Jul 28 19:16:18 UTC 2015

#113: Ship with firewall on by default
 Reporter:  dustymabe  |       Owner:
     Type:  task       |      Status:  new
 Priority:  normal     |   Milestone:  Future
Component:  ---        |  Resolution:
 Keywords:  meeting    |

Comment (by ryansb):

 Agreed, the target use cases (GCE, EC2, OpenStack, whatever) all have
 network security external to the instance. Anyone who needs the firewall
 active can, as you said, use cloud-init or chef/puppet/ansible/salt.

 For casual cloud users, having an instance firewall deny them after
 they've set up security groups to allow the traffic would probably be
 confusing if they assume security groups "are" the firewall.

Ticket URL: <https://fedorahosted.org/cloud/ticket/113#comment:2>
cloud <https://fedorahosted.org/cloud>
Fedora Cloud Working Group Ticketing System

More information about the cloud mailing list