About F19 Firewall
twoerner at redhat.com
Tue Sep 24 12:59:24 UTC 2013
On 09/20/2013 10:10 PM, P J P wrote:
> ----- Original Message -----
>> From: Thomas Woerner <twoerner at redhat.com>
>> Subject: Re: About F19 Firewall
>> If a static firewall configuration fits your needs, just disable
>> firewalld and use the ip*tables firewall services:
> Static? Oh my...! Firewalld allows Applications, daemons and the user can request to enable a firewall feature over D-BUS. It does not seem like a good idea at all.
The ip*tales services are handling the rule set as a whole. If you are
changing it with iptables calls it is up to you, but the services can
only apply or remove the whole rule set.
Applications or daemons can only request changes to the firewall if they
are authenticated. This is not a change compared to using an ip*tables
call. But you are able to limit this further with firewalld.
More information about the devel