raising warning flag on firewalld-default feature
Adam Williamson
awilliam at redhat.com
Tue Nov 13 17:52:32 UTC 2012
On Tue, 2012-11-13 at 10:03 -0500, Matthew Miller wrote:
> On Fri, Nov 09, 2012 at 11:57:12AM -0500, Matthew Miller wrote:
> > > > - no way to run once and exit for cloud guests with *non-dynamic* firewall
> > > > needs, and it's a non-trivial user of system resources
> > > You can use the old firewall environment for static firewall use
> > > cases. Everything is still there.
> > Can I use them *both together*? If so, okay. If not, we should keep entirely
> > with the old one until this is really ready to take over.
>
> This is still unclear to me. Anaconda is pulling in firewalld for
> post-install configuration. Do we still _really_ have the option of the old
> firewall?
We can in fact stop pulling in firewalld for post-install configuration
in most cases, I think, I'm talking to twoerner/anaconda team about
that. You can certainly remove it post-install and go back to using
iptables / s-c-f, all the packages and services still exist, there is no
dependency problem, and it still works, I've tested that. Actually, if
you have an F18 system you 'yum update'd from F17 you already probably
have this config, as there is no magic to do the switch to firewalld on
upgrade, you just carry on with iptables. That's what I have here.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora
http://www.happyassassin.net
More information about the devel
mailing list