F21 System Wide Change: Workstation: Disable firewall
mitr at volny.cz
Thu Apr 17 21:31:49 UTC 2014
2014-04-16 1:28 GMT+02:00 Simo Sorce <simo at redhat.com>:
> if the users wants more flexibility then they would create new
> zones (like home, work, cafe, library, etc..) perhaps by cloning
> existing ones and then tweak the list of applications allowed to serve
> content in those zones.
> It would be better if the association were per-application rather then
> nameless ports.
firewalld has a concept of "services", so the port numbers don't need to,
and *shouldn't*, appear in UIs. It still might make sense to discuss a
true per-*application* privileges (e.g. Empathy is allowed to listen on any
port), but only after we get reliable application isolation.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the devel