firewall changes for F-9+
twoerner at redhat.com
Wed Jan 16 17:52:32 UTC 2008
here are the latest changes for system-config-firewall for F-9+:
The usage of --port=<port>:<proto> for lokkit will open up this port and
not a service using this port anymore. To enable a service you have to
use the new --service=<name> option. There are no magic default open
services. You have to open up the services, you want to use. The interim
options --no-X; X in ["ipsec", "mdns", "ipp"] are obsolete now.
To setup a new firewall, you can use the new --default=<name>
configuration option as a start:
server : ssh is enabled
desktop : ipsec, mdns and ipp are enabled
These changes for lokkit also affect the kickstart firewall configuration.
There is an utility to convert existing configurations, which will be
used automatically while updating the package.
More information about the fedora-devel-list