Re: Cemtos 7 : Systemd alternatives ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On 8.7.2014 17:25, m.roth@xxxxxxxxx wrote:
> Dennis Jacobfeuerborn wrote:
>> The problem firewalld tries to solve is that nowadays you often want to
>> insert temporary rules that should only be active while a certain
>> application is running. This collides a bit with the way iptables works.
>> For example libvirt inserts specific rules when you define networks for
>> virtualization dynamically. If you now do an iptables-save these rules
>> get saved and on next boot when these rules are restored the exist again
>> but now libvirt will add them dynamically a second time.
>>
>> Firewalld is simply a framework built around iptables that allows for
>> applications to "register" rules with additional information such as
> And so nothing like, say, fail2ban....
I haven't looked closely on firewalld yet, but in practice it should 
probably allow making fail2ban functionality more robust and fail2ban 
like functionality simpler to implement. Especially as I distinctly 
remember of complaining of problems with fail2ban from Fedora list. 
(Granted have has very little time lately to read any mailing lists)

-vpk

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux