F19 Firewall

[Eric H. Christensen]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On Thu, Sep 26, 2013 at 11:29:34PM -0500, Lance Lassetter wrote:
> I thought in the Fedora world firewalld was supposed to replace iptables completely?  So firewalld is just for cliet machines?  Then IMHO this needs to be stated explicitley, say, upon launch of firewalld?  Or something....  I saw a lot of confusion at the first launch of firewalld because of the complete replacement factor and "How am I going to do this on a server?"  If it is to be a complete replacement (which maybe it should be for the simplification of Netfilter tobl the end user), what about a wizard upon launch as well as the flexibility of importing complex rulesets into firewalld no matter what?

Sorry, I should have said that in my opinion I would only use firewalld for client systems and not computers.  I trust ip*tables and know how to write the rules easily so I find firewalld's interface and tools to be annoying.  I haven't seen the benefit of it just yet.

- -- Eric

- --------------------------------------------------
Eric "Sparks" Christensen
Red Hat, Inc - Product Security Team

sparks at redhat.com - sparks at fedoraproject.org
097C 82C3 52DF C64A 50C2  E3A3 8076 ABDE 024B B3D1
- --------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)

iQGcBAEBCgAGBQJSRYN6AAoJEB/kgVGp2CYvQHcL/jpogbokDxt7f6T0NCkryrtC
ztOwrwKLvVdL+t5VgFHXLeHAmG0dXqKZQoixmZWmir8iKkp7Nx67D47HxRhhn4/r
K7JLAnAz5iyL2zV4Hzt2h0NO22rENaJrWYvfMCYOU2pOJpL16EEFo6Bb76r0hnr3
a0kHqc86cpcJ77lxwlE+izrvgdjZDkQb7xYN5CpZ84SFPJZaFKXfCCngdqNdZTl6
sliFQOUQvqTxPSsEHctQwNyrNi802PpxoF8mdIsVdobavKLmRSFVV52IG3GCRe6f
aM7HTBoZBTj+f5w/D7uoAqp46VzoycVbGeMOLKU/2MlhBaB6gdoz8WcsP/mUg6ez
SClJJ0aG4y05yfIQ3267TNOJpZuC8dpZpmlmrJH0fOKqgywWgFTufsJvkZ6WHROB
Lz8xMPmTWjSPBnus8Hd8k0C1/tMLVSZG9DztrtCHzwIYDk3+rs3TseEGT4eDweFP
aEDeyEJvLxhYe/gfKzDUEnw99EhS61qsyfYYEzfz4A==
=6LQV
-----END PGP SIGNATURE-----