On 12/04/2014 11:30 AM, Raymond Wooninck wrote:
On Thursday 04 December 2014 08:51:06 Mathias Homann wrote:
Of course SFW2 can be re-written / improved, but my original proposal was to include firewalld as it is, as an alternative to SFW2, for very specific use cases where a root-managed firewall that is statically configured from within yast is "just not quite right". I have been following this discussion thread and I must say that I have been surprised from some of the reactions.
Given that Firewalld is very well integrated with NetworkManager, I believe that it definitely deserves a place in the openSUSE distribution. Seeing that we already have a couple of alternatives (e.g. Shorewall, ufw) in the distribution files itself, I do not see any reason why not to accept this package as well. Especially since it is the first one that is integrated with NetworkManager and all its applets.
As the author has been indicating, this was his initial plan and somehow it turned out to be a discussion whether or not to replace SFW2.
At this point I would ask you guys to actually look at firewalld and try it and see how it works and how it is configured/used... I have installed the packages from the indicated repository and I have started to use it. So far, so good. NetworkManager recognizes firewalld and allows me now to define the firewall zone per defined connection.
...which is exactly why I started this. I'll be investigating how to write a rudimentary yast module (which will only tell the user "The firewall on this system is managed by firewalld", and give them a button to launch firewall-config), but I strongly believe that firewalld and the idea of configuring it from inside a central tool that is used only by root really don't go together... cheers, MH -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org