About F19 Firewall
P J P
pj.pandit at yahoo.co.in
Sun Sep 15 18:52:07 UTC 2013
Hi,
I upgraded to F19 recently. And I happened to look at the output of iptables(8) today.
$ iptables -nL
It's baffling! It's a crazy 4-page-long listing!!
Why are there so many chains? Most are empty. Those which have rules, jump from one chain to another and that jumps to yet another.
Multicast DNS is allowed in the internal network (chain IN_internal_allow). I guess IN_internal_allow is meant for some closed group internal network, not sure.
ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353 ctstate NEW
Who uses it?
Then I looked at the firewall configuration GUI tool. That's even more baffling. On the left hand side, it lists zones: home, internal, public, work etc. without any explanation whatsoever what each one is supposed to do. It also has a default zone which is 'public'. I guess that must be the running firewall configuration. So even if I'm at work or at home, I'm using firewall configuration that is meant for public network, am I? Besides, who is going to switch between these zones everyday from home to work to home again?
I think for individual users, which is the majority of the users, this is a stupid firewall. It doesn't have to be so complicated that even if one tries to understand it, he/she cannot. :(
---
Regards
-Prasad
http://feedmug.com