About F19 Firewall

Thomas Woerner twoerner at redhat.com
Tue Sep 24 12:59:24 UTC 2013

On 09/20/2013 10:10 PM, P J P wrote:
>    Hi,
> ----- Original Message -----
>> From: Thomas Woerner <twoerner at redhat.com>
>> Subject: Re: About F19 Firewall
>> If a static firewall configuration fits your needs, just disable
>> firewalld and use the ip*tables firewall services:
>     Static? Oh my...! Firewalld allows Applications, daemons and the user can request to enable a firewall feature over D-BUS. It does not seem like a good idea at all.
The ip*tales services are handling the rule set as a whole. If you are 
changing it with iptables calls it is up to you, but the services can 
only apply or remove the whole rule set.

Applications or daemons can only request changes to the firewall if they 
are authenticated. This is not a change compared to using an ip*tables 
call. But you are able to limit this further with firewalld.

> ---
> Regards
>     -Prasad
> http://feedmug.com

More information about the devel mailing list