Re: firewalld / iptables.service past F17

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

On Wed, 2012-04-25 at 17:27 -0600, Dariusz J. Garbowski wrote:
> On 25/04/12 10:55 AM, Adam Williamson wrote:
> > On Tue, 2012-04-24 at 09:30 -0500, Jon Ciesla wrote:
> >
> >> Nothing is being taken away, the default is being changed.  If you're
> >> using Fedora in production, I presume you're installing with
> >> Kickstart.
> >
> > It's worth noting that if the question is how does firewalld handle
> > upgrades, I think it may be somewhat irrelevant because AFAIK even when
> > firewalld was going to be the F17 default, we never implemented anything
> > to cause upgraded systems to switch to it. It was only new installs
> > which were getting firewalld. Upgraded ones stuck with the static
> > iptables/s-c-f/lokkit system.
> Does that imply that new installs will be easily switched from firewalld
> to static iptables? I always do new install but I want to keep my firewall
> static, with my current iptables script.

Once we actually go to firewalld by default, then yes, at least as long
as lokkit and s-c-f are maintained. The procedure is, more or less:

systemctl disable firewalld.service
systemctl stop firewalld.service
systemctl enable iptables.service
systemctl start iptables.service
lokkit --enabled
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | adamwfedora

devel mailing list

[Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Legacy Announce]     [Home]     [Fedora Tools]     [Fedora PHP Devel]     [Kernel List]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

Add to Google Powered by Linux