F21 System Wide Change: Workstation: Disable firewall

Tomasz Torcz tomek at pipebreaker.pl
Wed Apr 16 18:09:13 UTC 2014


On Wed, Apr 16, 2014 at 06:56:21PM +0200, Thomas Woerner wrote:
> >   – for any IPv4 incoming connection, this interface is in ”trusted” (”home”?
> >     I never know what home/work/dmz/etc really mean)
> You can full customize all zones. This is the reason there is no
> simple description for each zone.
> 
> >   – for IPv6 incoming connection from 2001:6a0:138:1::/64 subnet, the zone
> >     is still ”trusted”
> >   – for any other incoming connection the zone is ”public” (I hope this
> >     means ”general Internet”).
> >
> >   Above is trivial in iptables, but impossible with firewalld's zones.
> >
> firewalld also has the ability to bind zones to source addresses and
> address ranges. This might help here.

  That's sounds promising and revisits my perception of firewalld. Thank you!

-- 
Tomasz Torcz                 Morality must always be based on practicality.
xmpp: zdzichubg at chrome.pl                -- Baron Vladimir Harkonnen



More information about the devel mailing list