On Thu, Jul 06, 2006 at 05:19:42PM -0400, Luke Macken wrote: > A couple of meetings ago someone mentioned the tool pyroman[0] in regard to > managing the firewalls on our infrastructure. Since then, I've been playing > around with this tool, and have been fairly impressed. > > I've imported pyroman 0.3 along with a _basic_ Fedora infrastructure profile > into cvs. I've added all of our PHX machines listed on InfrastructurePrivate, > and added some other minor tweaks. It's not 100% ready for deployment yet, > it still needs: > > o to allow traffic to most services on our machines > o profiles for our machines at Duke > o to be compared against our current rc.firewall script > - I've ported over most of it (the stuff I could actually > understand), but there might be some stuff I missed > o LOTS of testing We should probably toss ipv6 support on this list too. luke
