Hi there, Fedora is running a project called firewalld. Firewalld manages the firewall dynamically via D-BUS (http://fedoraproject.org/wiki/FirewallD/#Why_A_Firewall_Daemon). They say: "the current firewall model is static and **every** change requires a complete firewall restart. This includes also to unload the firewall netfilter kernel modules and to load the modules that are needed for the new configuration." I would be very surprised if their claim is true. Because that would break statefull connections when changing the rules. I'm not familiar with the code so I can't comment on that. Hence my question. Is the current firewall model static? Best regards, -Hansa -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
