Hi, (this time with right recipient) after several month of tests, and sinc epeople seems to be out for Diwala in the indian office, I did took the time to finally switch the firewall from firewalld to nftables. The switch went well, but due to unforeseen consequence, it is possible that some hosts in the internal network did suffer from a 30 seconds lose of connectivity (due to firewall switching affecting the deployment of the firewall itself). However, this kind of failure was taken in account and the change got rollback pretty quickly. So we are now using a more hardened firewall, based on nftables. I will continue to harden the rules in the weeks coming. It should be as seemless as possible, but if anything break in a *.int.rht.gluster.org server (mostly builders) please tell infra team. -- Michael Scherer Sysadmin, Community Infrastructure and Platform, OSAS
_______________________________________________ Gluster-infra mailing list Gluster-infra@xxxxxxxxxxx https://lists.gluster.org/mailman/listinfo/gluster-infra
Attachment:
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Gluster-devel mailing list Gluster-devel@xxxxxxxxxxx https://lists.gluster.org/mailman/listinfo/gluster-devel