firewall changes for F-9+

Adam Tkac atkac at
Thu Jan 17 18:06:22 UTC 2008

On Thu, Jan 17, 2008 at 12:48:27PM -0500, Jon Stanley wrote:
> On Jan 16, 2008 7:07 PM, Bastien Nocera <bnocera at> wrote:
> > IpSec and IPP as services don't sound very much like desktop
> > applications.
> IPSec sounds reasonable since users may be using a VPN client in order
> to access a corporate or remote network.  If not enabled by default,
> there needs to be something easy in s-c-firewall to enable it, since
> making IPSec work is a non-trivial endeavor.  In the 'server' profile,
> though - it's absolute rubbish.  If someone wants to run a VPN server,
> they should know enough about it to configure the firewall
> appropriately :)

I think you don't need open ports for VPN clients. State firewall
should take care about such situation, doesn't?


Adam Tkac, Red Hat, Inc.

More information about the fedora-devel-list mailing list