Setting the default firewall configuration (was Re: Attention, dependency fighters)
Reindl Harald
h.reindl at thelounge.net
Thu Nov 15 18:30:27 UTC 2012
Am 15.11.2012 19:27, schrieb Miloslav Trmač:
> On Thu, Nov 15, 2012 at 7:08 PM, Reindl Harald <h.reindl at thelounge.net> wrote:
>> Am 15.11.2012 19:02, schrieb Miloslav Trmač:
>>> It would be very helpful for judging the maturity/suitability of
>>> firewalld if you could try converting your iptables script to
>>> firewall-cmd --direct (which, at least I hope, should be possible to
>>> do with a few sed commands), and report back whether the pass-through
>>> capability is good enough.
>>
>> you CAN NOT easily convert iptables.sh scripts containing
>> hundrets of commands in a specific order which are well tested
>> over years and your replacment for any hardware firewall/router
>
> Have you actually _tried_? It's supposed to be as easy as
> s/iptables/firewall-cmd --direct --passthrough ipv4/
>
> I don't know for a fact whether it is good enough. You seem to have a
> script that could tell us.
i posted a script realier this day as .txt file with
masked network details, but it did not go trough list
moderation AFAIK until now
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20121115/d783bfdb/attachment.sig>
More information about the devel
mailing list