Am Montag, 24. November 2014, 20:05:20 schrieb Jim Henderson:
On Mon, 24 Nov 2014 11:55:28 -0800, Roger Luedecke wrote:
On Mon, 2014-11-24 at 15:55 +0100, Mathias Homann wrote:
Request for discussion: Should we offer firewalld as alternative for SuSEfirewall2?
I think we should...
mobile users (laptops) who use NetworkManager / Wicked for managing their ip connectivity "in userspace" would want to be able to have multiple wifi setups that end up being in different zones.
I'm going to try to package the latest firewalld from fedora for openSUSE, and test it with 13.2.
Progress report will follow in due time.
I think I fail to see what the problem with our current firewall is?
The issue is if you change wireless networks and connect to a combination of trusted and untrusted networks (for example: Trusted = home/work, untrusted = public wifi at the airport), you might want to have different zones/firewall settings depending on which wireless network you connect to.
Exactly my point.
I don't think our current FW implementation supports that kind of configuration.
It doesn't. Which is why SCPM was A Good Thing, but now with grub2 and systemd SCPM is pretty much useless, and there's no maintainer to carry it forward, either.
Mind, for a server the SuSEFirewall2 scripts are just great. I think the way to do it should be similar to what redhat/fedora does, and provide both SuSEfirewall2 (for servers, and desktops with static connections) and firewalld for laptops / network manager based setups. Then, the user can just choose which of the two to use.