[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[Freedombox-discuss] firewalld upgrade


Am Samstag, den 19.11.2016, 08:55 -0500 schrieb James Valleroy:

> On 11/19/2016 06:24 AM, permondes - sagen wrote:
> > firewalld has a conffile prompt and I am not sure which version I should
> > use. The changes are:
> > 
> >> -DefaultZone=external
> >> +DefaultZone=public
> >> IPv6_rpfilter=yes
> >> +IndividualCalls=no
> >> +LogDenied=off
> > 
> > Is it save to take the new settings or will e.g. DefaultZone impact
> > FreedomBox?
> 
> FreedomBox does expect the DefaultZone to be external. I think the
> safest option is to:
> 
> 1) Choose 'y' to take the maintainer's version of this file.
> 
> 2) Run "sudo firewall-cmd --set-default-zone=external" to change the
> DefaultZone back to external.
> 
> Of course this is not a good user experience, and will prevent automatic
> upgrades of firewalld whenever the package modifies this file.
> 
> The root cause is that /etc/firewalld/firewalld.conf is a conffile, and
> firewalld modifies this file when we run the above command.
> 
> --
> James

Thanks James, I did that, looks okay.
We have to find a way to handle the special configurations in a
different / user friendly way, I think.

> 
> _______________________________________________
> Freedombox-discuss mailing list
> Freedombox-discuss at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20161119/ded5521d/attachment.html>
Reply to: