On Tue, Sep 10, 2013 at 11:36:01PM -0400, Sam Kottler wrote: > Given the deny-by-default nature of security groups I think it makes sense > to disable firewalld in the AMI's. I haven't seen any other AMI's that > have a firewall enabled by default and we probably shouldn't break that > pattern IMO. > Thoughts? We do disable firewalld by default, but based on an earlier discussion, we leave a basic iptables firewall in place. As always, I'm willing to revisit these things. Note that since Anaconda _requires_ firewalld to configure the firewall, we have to remove it in %post. https://bugzilla.redhat.com/show_bug.cgi?id=1004976 -- Matthew Miller ☁☁☁ Fedora Cloud Architect ☁☁☁ <mattdm@xxxxxxxxxxxxxxxxx> _______________________________________________ cloud mailing list cloud@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/cloud Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
