"Workstation" Product defaults to wide-open firewall

Richard Hughes hughsient at gmail.com
Tue Dec 9 16:46:05 UTC 2014


On 9 December 2014 at 14:18, Brian Wheeler <bdwheele at indiana.edu> wrote:
> I also expect things to work with the minimum amount of fuss.

So do I! I'm a developer, which spin do I use so that the firewall
doesn't get in my way? We can't develop a *product* based around what
you specifically want, not me, nor anyone else on this list.

> So it looks like my choices boil down to:
> * Use the workstation project and spend a bunch of time locking it down to
> what would be reasonable default for the networks I use -- and hope I don't
> miss anything.

Sure, you can do that, you seem more technically proficient with
firewalls than me. If you want to trust the system, you've got to be
able to understand it.

> * Use the server product and manually configure all of the workstation stuff
> so I get a usable system

You sound like you can do that too.

> Neither of those choices seem reasonable to me, especially compared to the
> status quo:  a fully configured workstation where I open new ports as I
> increase functionality.

I don't think it makes much sense for people to stamp their feet
saying "BUT I LIKED THE OLD WAY OF DOING THINGS" when the people
leading the workstation product have identified that the old way of
doing things just doesn't work for the majority of people. You're
probably not in that majority, but that doesn't mean the change is in
someway intrinsically flawed.

Richard


More information about the devel mailing list