Mailinglist Archive: opensuse-factory (745 mails)

< Previous Next >
Re: [opensuse-factory] communication regarding the move to firewalld
nicholas cunliffe wrote:
Information appears informally regarding the move: suggestions of
susefirewall 'stopping working correctly' talk of firewalld
implementation not being complete. yast control now tied to firewalld
even though susefirewall still being in use. For those of us who are
not experts, the information is confusing. There are many threads on
the forums expressing confusion, rather than explanation and facts.

i think the move to firewalld should be announced and communicated,
with guidance on timing and setup where possible.

Absolutely.

I just installed the package on my TW laptop, to have a look at things.
So far I'm not too impressed I have to say. SuSEfirewall2 had a nice text file
with all the configuration options and hints for various things like
masquerading, port forwarding etc., which I use a lot on our server.

On quick look I couldn't find something similar for firewalld. Instead a lot of
xml files :(( So I had a look at the conversion script,
susefirewall2-to-firewalld.

It suggested running it (dry-run), to see what happens. It claimed it would
only stop and restart SFW2. It did (of course) also stop fail2ban, but did not
restart it afterwards...

I also noticed that using firewalld had caused the load of >30 new kernel
modules...

At least fail2ban seems to support firewalld, too.
But I do fear this change will cause quite some work :o
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups
References