Am 01.08.2014 um 14:27 schrieb Nikos Mavrogiannopoulos: > I'm maintaining a VPN server in fedora and I'm wondering whether > I'd need to integrate firewalld to that. After reading the information > in https://fedoraproject.org/wiki/FirewallD I don't think I'm sure what > I'm supposed to do. > > There are two issues: > 1. Should my service turn on the firewall ports used by the server? > As far as I understand, in order for the service to work out of the box > I'd need to call firewall-cmd --port to enable the TCP and UDP ports > used by the server, possibly from the systemd unit file (are there any > hooks for that?) please don't do that without asking the user and *never* do that in the systemd-unit because even if the user decides to close the port you would open it again - that's a no-go installing whatever service don't mean automatically it is intended to be reachable on any interface and that is independent of the type of service nobody but the admin / user knows the intention of a installed package and it is bad practice have to close ports
Attachment:
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
