Re: Two elementary questions on LANs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 06/18/2011 05:12 AM, Timothy Murphy wrote:
> Tim wrote:
>
>> On Thu, 2011-06-16 at 22:19 +0200, Timothy Murphy sent:
>>> I think I got this wrong too.
>>> I am running shorewall on my server,
>>> and I forgot to turn iptables off.
>> Whenever I see mentions of "turning firewall off," that's a red flag, to
>> me.  Is shorewall an independent thing, or is it a configurator for
>> iptables?  Had turning off iptables turned off your firewall, or has it
>> handed control of it over to something else?
> It handed control over to shorewall.
> The probability of my making a mistake while configuring iptables
> is at least a hundred times higher than the probability that Tom Eastep
> (who wrote and runs shorewall) made a mistake in setting it up.

Got to be careful with semantics.  Shorewall is a front end to
iptables.  It doesn't control, or run.  It runs once at boot time to
setup the iptables. 

Tom's product is great.  I've known him for many years.  For a very
short time he gave up working on shorewall.  Glad he came back.

>>> I see now I can go to Manage Connections in NM,
>>> and specify the name servers.
>>> Now NM seems to leave /etc/resolv.conf alone.
>>> Previously I was just adding the nameservers by hand.
>> Adding them to what, though?  That file?
> To /etc/resolv.conf .
> I'm probably in a minority of 1, but I don't think applications
> should edit config files without telling you.

Ahh....  The application, NM, isn't editing a config file without your
knowledge.  First, the DNS servers are one setting that is supplied in a
DHCP request/response.  Second, in the setup of NM you can check a box
telling it to ignore what DHCP says and supply the information
manually.  That manual information is kept in the
/etc/sysconfig/network-scripts/ifcfg-XXX files.

>>>>> Changes to the routing table on the latter, eg changing the default
>>>>> gateway, do not seem to come into force until I re-boot.
>>>> How are you trying to bring about the gateway change?  Are you bringing
>>>> its interface down and back up again, to force a configuration reload?
> No, I didn't.
> But that wasn't necessary on Fedora;
> the change comes into force as soon as the route command is given.

FWIW, static routes can also be defined via the NM GUI.  They can either
add to or replace routing information supplied by DHCP.

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux