Proposed F19 Feature: firewalld Rich Language
jreznik at redhat.com
Wed Jan 30 12:56:18 UTC 2013
= Features/FirewalldRichLanguage =
Feature owner(s): Thomas Woerner <twoerner at redhat.com>
This feature adds a rich (high level) language to firewalld, that allows to
easily create complex firewall rules without the knowledge of iptables syntax.
= Detailed Description =
Currently, complex firewall rules can only be added using the direct interface
of firewalld. But this requires to know the syntax of iptables and the rules
are not permanent.
With the rich language more complex firewall rules can be created in an easy to
understand way. The language will use keywords with (sometimes multiple)
values and will be an abstract representation of ip*tables and ebtables rules.
Services and zones can be configured using this language, the current
configuration will still be supported.
A mixture of the old and new configuration of services and zones might be
possible, but this needs to be verified. With the possibility to use the rich
language in services and zones, the configuration will also be permanent.
The configuration with files will be available for Fedora 19. The D-BUS
interface with the command line client should be finished, but this depends on
Fedora 19 schedule. UI work will most likely be available later (depends on
Fedora 19 schedule also).
More information about the devel-announce