* Carlos E. R. <robin.listas@telefonica.net> [02-27-19 06:22]:
On 27/02/2019 12.12, Anton Aylward wrote:
Yes there were certainly a number of systems that wrapped Shorewall into a very nice application for a dedicated box. I was never enamoured with the idea of 'personal firewall' on each machine, since I'm a bit old school and agreed that the 'firewall as the networks response to poor host security', the quote some guru or other.
But that was then, this is now; many individuals at their workstations are either idiot or had a passing bout of idiocy that opened them to an attack. They too need to be either isolated or given a 'personal firewall'.
Then, too, there are the 'single machines on the net', users.
So not I think differently. Professionally. But here I have a number of layers before getting to my host, and a lot of my processing isn't done on my host.
Remember that in a today's house there are a lot of gadgets with Internet connectivity that we don't control fully. Say, the fridge.
Have you looked at https://software.opensuse.org/package/gufw
My setup is not simple.
My desktop firewall opens certain ports to only certain IPs, so that a visitor would not get automatic access. I don't see that feature in firewalld.
firewall-cmd --list-all-zones firewall-cmd --zone=public --add-port=12345/tcp --permanent firewall-cmd --zone=public --remove-port=12345/tcp --permanent https://www.linode.com/docs/security/firewalls/introduction-to-firewalld-on-... https://firewalld.org/documentation/ -- (paka)Patrick Shanahan Plainfield, Indiana, USA @ptilopteri http://en.opensuse.org openSUSE Community Member facebook/ptilopteri Registered Linux User #207535 @ http://linuxcounter.net Photos: http://wahoo.no-ip.org/piwigo paka @ IRCnet freenode -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org