firewall changes for F-9+
atkac at redhat.com
Thu Jan 17 18:06:22 UTC 2008
On Thu, Jan 17, 2008 at 12:48:27PM -0500, Jon Stanley wrote:
> On Jan 16, 2008 7:07 PM, Bastien Nocera <bnocera at redhat.com> wrote:
> > IpSec and IPP as services don't sound very much like desktop
> > applications.
> IPSec sounds reasonable since users may be using a VPN client in order
> to access a corporate or remote network. If not enabled by default,
> there needs to be something easy in s-c-firewall to enable it, since
> making IPSec work is a non-trivial endeavor. In the 'server' profile,
> though - it's absolute rubbish. If someone wants to run a VPN server,
> they should know enough about it to configure the firewall
> appropriately :)
I think you don't need open ports for VPN clients. State firewall
should take care about such situation, doesn't?
Adam Tkac, Red Hat, Inc.
More information about the fedora-devel-list