On Mon, 2009-04-06 at 14:36 +0200, Ludwig Nussel wrote: > SuSEfirewall2 does not have such a mechanism and TBH I pretty much > dislike the idea of allowing applications to inject arbitrary rules. > I'd prefer some higher level abstraction so it's left to the > firewall to decide how to translate the request into actual iptables > rules (or whatever else technology is used in the background). How would that be done ? I don't know of any tool that could do that, especially given the large number of existing firewall mgmt tools out there (s-c-firewall, SuSEfirewall2, whatever Debian/Ubuntu have, shorewall, pyroman, ...) David -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list