[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Why does Fedora do this with iptables?



On 12/09/2007, Michael Klinosky <mpk2 enter net> wrote:
> Michael S.:
> > With iptables/netfilter, user-defined chains are *essential* for many
> > firewall implementation details. There are some things you cannot do
> > without using user-defined chains (e.g. a logical AND for certain
> > types of traffic). Get used to it.
>
> OK. But, why put everything into a U-D chain?

Why not? What's bad?

> I figure that the geek
> thing would be to have them for only that which needs it.

For the geek the jump into a user-defined chain is easier to switch
on/off and display/hide than an entire set of rules in a customised
built-in chain. With regard to a tool like system-config-firewall, it
can play in the user-defined chain as much as it likes.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]