Hello, I'm maintaining a VPN server in fedora and I'm wondering whether I'd need to integrate firewalld to that. After reading the information in https://fedoraproject.org/wiki/FirewallD I don't think I'm sure what I'm supposed to do. There are two issues: 1. Should my service turn on the firewall ports used by the server? As far as I understand, in order for the service to work out of the box I'd need to call firewall-cmd --port to enable the TCP and UDP ports used by the server, possibly from the systemd unit file (are there any hooks for that?). 2. What zone should the server put the clients they connect. Should there be some special vpn zone or should I use one of the existing ones? (none of the existing looks very reasonable for that). However, what is not apparent to me as a fedora packager is how is that supposed to be handled. Should the package handle any requirements by firewalld (i.e., package is plug and play), or should the package defer the administrator to configure firewalld separately (i.e., package is installed but doesn't work by default). I see that ssh and few other services are enabled by default by firewalld configuration itself, but what about the others? regards, Nikos -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
