[Fedora-infrastructure-list] Firewall tool update
Luke Macken
lmacken at redhat.com
Fri Jul 7 00:14:05 UTC 2006
On Thu, Jul 06, 2006 at 05:19:42PM -0400, Luke Macken wrote:
> A couple of meetings ago someone mentioned the tool pyroman[0] in regard to
> managing the firewalls on our infrastructure. Since then, I've been playing
> around with this tool, and have been fairly impressed.
>
> I've imported pyroman 0.3 along with a _basic_ Fedora infrastructure profile
> into cvs. I've added all of our PHX machines listed on InfrastructurePrivate,
> and added some other minor tweaks. It's not 100% ready for deployment yet,
> it still needs:
>
> o to allow traffic to most services on our machines
> o profiles for our machines at Duke
> o to be compared against our current rc.firewall script
> - I've ported over most of it (the stuff I could actually
> understand), but there might be some stuff I missed
> o LOTS of testing
We should probably toss ipv6 support on this list too.
luke
More information about the infrastructure
mailing list