On Thu, 2012-11-15 at 19:46 +0100, Reindl Harald wrote: > > Am 15.11.2012 19:37, schrieb Kevin Fenzi: > >>> Have you actually _tried_? It's supposed to be as easy as > >>> s/iptables/firewall-cmd --direct --passthrough ipv4/ > >>> > >>> I don't know for a fact whether it is good enough. You seem to > >>> have a script that could tell us. > >> > >> i posted a script realier this day as .txt file with > >> masked network details, but it did not go trough list > >> moderation AFAIK until now > > > > Everyone on this list doesn't need a copy of your (lengthy) iptables > > script, IMHO. > > > > Perhaps the two of you could continue this off line and test and report > > back to the list? > > your argumentation is NOT helpful > > i can NOT test a iptables.sh replace for a whole INFRASTRUCTURE > i can NOT post a unmasked version with ip-addresses and hostnames > i can NOT simulate a whole network with around 100 machines I don't think anyone asked you to do any of those things. Fedora obviously does not have the power to replace iptables with firewalld on your router, so the question is not 'can you replace iptables with firewalld on everything in your network and see if it works'. The question is more 'can you see if firewalld does a good job of imitating iptables on a single Fedora machine on your network, or a small amount of them'. The whole point is it should be able to imitate an iptables-type setup fairly transparently, so it should 'play nice' with the rest of your setup. Can't you just test that? -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora http://www.happyassassin.net -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel