-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2014-12-03 08:52, Mathias Homann wrote:
On 12/02/2014 04:09 PM, Carlos E. R. wrote:
I certainly want my logs on my laptop.
Then you'd stick with SFW2, of course.
No, the point is that firewalld must generate logs. For instance, if I connect my lappy on a different (home) network that I don't control, I want to see who/what is trying to connect to my laptop. Or I may want something to connect to me, so I want to see the logs for diagnosing why it does not work. The logs are generated by the kernel, after all, not by the firewall. The firewall just inserts the needed iptables(?) rules that will later create the log entries. There are tools and scripts that watch those logs. So not only the logs are needed, but a change in what they print, the format, also breaks the tools. So either firewald generate compatible logs, or all the scripts and tools, from the distributions or from the users, have to adapt. The impact is large.
I think I haven't made myself clear here:
I am not promoting firewalld as a *replacement* for SFW2, all I'm saying is that there are use cases for a firewall where firewalld might be more suited than SFW2, so we might want to offer it as an alternative.
Well, some people here oppose strongly to having two methods and having to maintain both. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iEYEARECAAYFAlR/EGsACgkQtTMYHG2NR9UHSQCfdxqHMRAaGsMlv3Th+KsM6Y2n 1k0AniaUTBigUbm1ll+HQ4hr7/1pk8JR =daEL -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org