On 12/02/2014 11:20 AM, Ludwig Nussel wrote:
Am 02.12.2014 um 09:49 schrieb Mathias Homann:
For now I*'ve made the service for firewalld conflict with the SuSEfirewall2 services, so that should be fine. As far as a migration path goes, firewalld comes with a way bigger set of predefined services and zones than SuSEfirewall2 so any "migration path" would be quite straightforward, and not that much different from the initial implementation of any firewall. The question is how painful the migration path is. SuSEfirewall2 exists for a long time so there are many people with grown configurations. So the premium migration path would be if /etc/sysconfig/SuSEfirewall2 could be converted automatically, at least to some degree. I guess there is no chance for custom rules though. Also, packages that drop stuff in /etc/sysconfig/SuSEfirewall2.d/services need to be adjusted to do the equivalent for firewalld.
Actually... I see two different target audiences here, firewalld in my POV is for end user pcs, specifically laptops with multiple connections, and SuSEfirewall2 is for server setups, with a maximum of 3 zones... so there's not all that much overlap. Anyway I'll see if I can find time to do at least a rough draft of a wiki page at some point between travelling and work... Guess it's a good thing that I'm teaching this stuff :) cheers MH
I'll see if I can find some time to write up a readme or such, but I don't think I have editing rights on the wiki, so some else would have to put it there. It's a wiki, you just need to log in with your opensuse account to be able to edit pages :-)
cu Ludwig
-- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org