firewalld?
Reindl Harald
h.reindl at thelounge.net
Sat Feb 16 16:55:57 UTC 2013
Am 16.02.2013 17:52, schrieb Patrick O'Callaghan:
> On Sat, 2013-02-16 at 11:23 -0500, Matthew Miller wrote:
>> On Fri, Feb 15, 2013 at 02:59:37PM -0430, Patrick O'Callaghan wrote:
>>> explicit warning about it not checking the current state of the kernel
>>> rules before overwriting them. Presumably firewall-config is more
>>> careful. No-one is saying you can't write your own scripts, but the OP
>>
>>
>> Presumably it's more careful how?
>
> Well, the tool could check if the rules have been changed behind its
> back before overwriting them. Not a complete solution without interlocks
> of course, but still.
>
> I've no idea if it actually does this. The "presumably" comes from the
> absence of a warning about it, a warning which is present in the old
> tool. Are you saying the risk is still there, but the warning isn't?
you can be pretty sure that the risk is there
use a GUI and only on or not use a GUI at all
not only for iptables
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20130216/41b11425/attachment-0001.sig>
More information about the users
mailing list