raising warning flag on firewalld-default feature
Matthew Miller
mattdm at fedoraproject.org
Tue Nov 13 14:46:31 UTC 2012
On Tue, Nov 13, 2012 at 02:28:17PM +0100, Tomasz Torcz wrote:
> > > >Here, I mostly don't see the reason for it to be running all the time.
> > > >Couldn't it be dbus activated, and then go away when it's not needed? Then,
> > > >it would matter less what it was written in.
> > > It would loose internal state if it would be D-BUS activated.
> > Surely it could persist it somewhere?
> Like in the actual netfilter rules?
Yes.
It has to be able to save internal state *somehow*, because if restarting
the service breaks everything, we're not gaining much over the old way, are
we? Plus, for a critical service like this, the service needs to be designed
to be as robust as possible in situations where it might crash or get killed
arbitrarily.
And for things like the ten-second-temporary rule, it could hang around for
a while.
--
Matthew Miller ☁☁☁ Fedora Cloud Architect ☁☁☁ <mattdm at fedoraproject.org>
More information about the devel
mailing list