Hi, I'm most familiar and comfortable with iptables, and use shorewall on my firewalls. With fedora23, it appears the default has shifted to firewalld. This has created a problem for me ever since, particularly with trying to build a reasonable firewall on my mail servers, as well as interacting with fail2ban. We typically offer submission, simap/spop, smtp, http/https, ssh, and domain services on our Internet servers. We also need snmp and nrpe for monitoring. Does anyone have a set of reasonable firewalld rules and understand how it interacts with fail2ban that they could share? firewalld doesn't even include all these services by default, so it's necessary to do it one port at a time... firewalld just doesn't seem to be appropriate for anything more than a desktop. I'd appreciate any ideas on how you build a firewall for fedora servers, particularly as it relates to interoperating with fail2ban and standard Internet services. Thanks, Alex _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
