[ale] Firewalld is incomplete

Brian Neu ale at advancedopen.com
Wed Feb 20 00:53:17 EST 2019


As much as I was fighting to find a worthy, Linux-based firewall distro 
for our office that was feature-rich, and still free, I came to conclude 
that the BSD-based "OpnSense" was a fantastic pfSense fork and my best 
option.  We'd used Endian in the past, but it was far too simple for 
some of our VLAN needs, and I had to standardize on something.


On 1/31/2019 4:43 PM, Jim Kinney via Ale wrote:
> Hmm. Looks like iptables has not been dropped. My Fedora 29 installs:
>
> nftables-0.9.0-2.fc29.x86_64
> ebtables-2.0.10-28.fc29.x86_64
> iptables-1.8.0-3.fc29.x86_64
>
> Apparently the different tools can all be used to manipulate the 
> netfilter subsystem in the kernel.
>
> But, yes, for some loosely defined value of "using", you are correct 
> that nftables is the replacement.
>
> By the time I wrap my head of _that_ it will all be run in systemd 
> anyway so I won't need to do anything :-}
>
> On Thu, 2019-01-31 at 15:03 -0600, Preston via Ale wrote:
>> On 1/26/2019 8:17 PM, Jim Kinney via Ale wrote:
>> <snipped>
>>> The firewall was overdue for replacement... This is done with several iptables entries for nat and port
>>> forwarding.
>> Wait, I thought we were supposed to be using nftables nowadays.
>> Preston
> -- 
> James P. Kinney III
>
> Every time you stop a school, you will have to build a jail. What you
> gain at one end you lose at the other. It's like feeding a dog on his
> own tail. It won't fatten the dog.
> - Speech 11/23/1900 Mark Twain
>
> http://heretothereideas.blogspot.com/
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> https://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
-- 
Brian W. Neu
Principal
Advanced Open Systems, Inc.
Technology Applied for Business
aosystems1 (skype)
678.310.7890 (w)
404.452.0043 (c)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.ale.org/pipermail/ale/attachments/20190220/c401a6f7/attachment.html>


More information about the Ale mailing list