What I HATE about F11

Casey Dahlin cdahlin at redhat.com
Mon Jun 15 19:24:48 UTC 2009


On 06/15/2009 03:19 PM, Matthew Woehlke wrote:
> Casey Dahlin wrote:
>> Really, init scripts should open the firewall ports they need when
>> their service comes up (and I'll propose something for upstart 1.0
>> later today to make that make more sense.)
> 
> How is that supposed to work when I only want to allow connections to a
> service on a whitelist of IP addresses?
> 
> Right now I do this with static iptables rules that I have set up
> (which, since I am never /not/ running the daemon in question, doesn't
> have any drawbacks I can think of off the top of my head).
> 

You'll likely have to change some configuration to get exactly what you want, and we'll have to work for a set of defaults that don't ruin your life until you do.

--CJD




More information about the fedora-devel-list mailing list