Thomas Woerner wrote: > Please think of a scenario like this: Service A is adding > firewall rules for opening port 20 and 21 (ftp-data and ftp) for > everyone and service B is opening port 20 and 21 only for a specific > network segment. What do you want to have here? If you apply A's rules > first then 20 and 21 is open for everyone and the rules from B are not > used at all. But if you apply B's rules first, ... What is the right > ordering here? Should A or B win? A and B will collide anyway when they try to listen on the same ports. I don't see why it's important to make the packet filter rules coexist when the daemons won't. Björn Persson
Attachment:
signature.asc
Description: This is a digitally signed message part.
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
