Any experience with firewalld?

[Andrew McNabb]

On Mon, Aug 27, 2012 at 07:29:58PM -0600, Michael Torrie wrote:
> When I installed Fedora 17 I noticed it installed a daemon called
> firewalld.  Unfortunately any GUI to monitor and control the thing isn't
> ready yet.  And I couldn't figure out the command-line part, so I
> ditched it.

Did you install the beta?  I thought they removed this before Fedora 17
final.

> Have any of you messed with it much?

I've come across it in the beta, got annoyed, and disabled it, since I
manage my firewall settings manually.  But it was easy to get out of the
way.

> Part of me is having a real hard time with the Windows-ification of
> Linux in modern distros.  It's like distro developers can't fathom the
> idea that I might still need to ssh into my machine (not a server) and
> do things on it without being logged into the GUI console.

I think the main idea is that it's easy for an experienced admin to
disable a service and do it manually, but it's not easy for a novice to
enable it.  So they try to design things for the most common case.  It
doesn't always work out right, but I think it's a noble goal.  I find
the release notes invaluable because they warn me of any new automatic
behavior that I should be aware of.  I often need to work around such
fancy features, but they're usually easy to disable.

> I can see how firewalld could be useful of course.  Just not sure about
> the execution.

I wasn't too excited about it, but I don't usually like tools like this.

> In other good news, though, Fedora 18 will support the Mate Desktop
> packages in the main repos so no more having to use third-party repos
> just to get a functioning desktop!  Yay.  Long live Gnome 2.

That's very exciting.  Too bad mainstream GNOME has defined away all of
their users as atypical and unimportant.

--
Andrew McNabb
http://www.mcnabbs.org/andrew/
PGP Fingerprint: 8A17 B57C 6879 1863 DE55  8012 AB4D 6098 8826 6868