Fedora Users — Re: Why does Fedora do this with iptables?

Re: Why does Fedora do this with iptables?

Date Prev

Date Next

Thread Prev

Thread Next

Date Index

Thread Index

To: For users of Fedora <fedora-list@xxxxxxxxxx>

Subject: Re: Why does Fedora do this with iptables?

From: Bill Davidsen <davidsen@xxxxxxx>

Date: Thu, 20 Sep 2007 17:56:12 -0400

In-reply-to: <fc4uuk$2qp$1@xxxxxxxxxxxxx>

References: <46E5D62E.7070708@xxxxxxxxx> <fc4uuk$2qp$1@xxxxxxxxxxxxx>

Reply-to: For users of Fedora <fedora-list@xxxxxxxxxx>

User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.8) Gecko/20061105 SeaMonkey/1.0.6

Robert Nichols wrote:

Michael Klinosky wrote:
I have F7, and believe that FC6 also did this.
I'd like to know why Fedora creates a user-defined chain -"RH-Firewall-1-INPUT". Is that better than putting the rules into INPUT?
Note that the RH-Firewall-1-INPUT chain is called from two places.
Think about it.

I have, but it doesn't jump out why you would assume that you want tohave the same INPUT and FORWARD rules. Perhaps some assumptions abouthow people use their systems, and certainly not always desirable formulti-homed systems, including running VMs with xen or kvm, and I can'timagine doing that on a firewall.


--
Bill Davidsen <davidsen@xxxxxxx>
  "We have more to fear from the bungling of the incompetent than from
the machinations of the wicked."  - from Slashdot