Re: Firewall

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 12/06/2010 08:40 PM, Richard W.M. Jones wrote:
> On Mon, Dec 06, 2010 at 11:15:37AM -0800, Jesse Keating wrote:
>> On 12/06/2010 11:05 AM, Daniel P. Berrange wrote:
>>> The other benefit would be if the user only intended the
>>> service to be accessible to localhost, or a UNIX domain
>>> socket but for some reason screwed up their service's
>>> config&  opened it to the world.
>>>
>>
>> I could buy this if we actually alerted users to this, when in fact we
>> /disable/ logging in the default firewall set, so your packets just
>> magically disappear  leaving the user scratching their head as to why
>> the hell things aren't working.
>
> Yes, enabling logging of packets really helps to track down
> firewall misconfiguration.
>
> What we really lack is good visibility for n00bs.  Sure you can do
> 'netstat -anp' to show open ports and (if you're more of an expert
> than me) look at iptables to see what's wrong, but having nice GUI
> tools to display this information would be better.
>
> (No, I'm not volunteering to write them ...)
>
> Rich.
>

Thats actually a really nice idea we could tackle with the firewall 
stuff Thomas is working on in the future.

added_to_feature_list++ :)

Thanks & regards, Phil

-- 
Philipp Knirsch              | Tel.:  +49-711-96437-470
Supervisor Core Services     | Fax.:  +49-711-96437-111
Red Hat GmbH                 | Email: Phil Knirsch <pknirsch@xxxxxxxxxx>
Hauptstaetterstr. 58         | Web:   http://www.redhat.com/
D-70178 Stuttgart, Germany
Motd:  You're only jealous cos the little penguins are talking to me.
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux