Re: default firewall utility changes for Debian 11 bullseye
On 2019-12-19 12:29:59, Roberto C. Sánchez wrote:
> Hi Arturo!
>
> I know that this discussion took place some months ago, but I am just
> now getting around to catching up on some old threads :-)
Same here :)
> On Tue, Jul 30, 2019 at 01:52:30PM +0200, Arturo Borrero Gonzalez wrote:
> > > 2) introduce firewalld as the default firewalling wrapper in Debian, at least in
> > > desktop related tasksel tasks.
> > >
> >
> > There are some mixed feelings about this. However I couldn't find any strong
> > opinion against either.
> >
> > What I would do regarding this is (just a suggestion):
> > * raise priority of firewalld
> > * document in-wiki what defaults are, and how to move away from them
> > * include some documentation bits in other firewalling wrappers on how to deal
> > with this default, i.e what needs to be changed in the system for ufw to work
> > without interferences (disable firewalld?)
> >
> I like the idea of documenting this all in a wiki.
Yes, please. I was also bit by nftables migration when moving to buster
for some of my home-grown firewal scripts (running just fine for 10+
years, but now - looking forward to migrate to nft), so having this
documented would be very welcome, to see what alternatives are there.
iustin
Reply to: