[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: And now for something completely different... etch!

>>>>> "Grzegorz" == Grzegorz B Prokopski <gadek@debian.org> writes:

    Grzegorz> On Tue, 2005-07-06 at 01:03 +0200, Javier
    Grzegorz> Fernández-Sanguino Peña wrote:
    >> [ Installation improvements ] - Firewall configuration during
    >> installation (ala Fedora Core or SuSE): module for
    >> d-i. Currently, the system is exposed just during installation
    >> on some systems (empty root password?)

    Grzegorz> Right.  Especially for workstation installation
    Grzegorz> something like below would allow to connect from
    Grzegorz> workstation to anywhere else, but not to any servers ran
    Grzegorz> on workstation.

I would suggest shorewall with a very simple default configuration.

IMHO, shorewall seems to be easy to use and configure, and can be used
in very simple single computer setups to very complicated networks.

The difficulty with supporting firewalls is that people will expect
"if I install package X, then it should automatically adjust the
firewall to allow it to work". I really do *not* want to go down this
path.

The firewall is up to the administrator to decide on, not the package
maintainers.
-- 
Brian May <bam@debian.org>
Reply to: