On Thu, Nov 15, 2012 at 7:08 PM, Reindl Harald <h.reindl@xxxxxxxxxxxxx> wrote:
> Am 15.11.2012 19:02, schrieb Miloslav Trmač:
>> It would be very helpful for judging the maturity/suitability of
>> firewalld if you could try converting your iptables script to
>> firewall-cmd --direct (which, at least I hope, should be possible to
>> do with a few sed commands), and report back whether the pass-through
>> capability is good enough.
>
> you CAN NOT easily convert iptables.sh scripts containing
> hundrets of commands in a specific order which are well tested
> over years and your replacment for any hardware firewall/router
Have you actually _tried_? It's supposed to be as easy as
s/iptables/firewall-cmd --direct --passthrough ipv4/
I don't know for a fact whether it is good enough. You seem to have a
script that could tell us.
Mirek
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
