On 04/21/2017 05:22 PM, Subhendu Ghosh wrote:
I think manually configuring and saving firewall rules in Atomic Host
is a special case. The default build is to support orchestrated containers, and that
brings potential for iptables rules automation.
Currently we don't enable a firewall in our qcow images. Would delivering
both iptables and firewalld but not enabling either firewall by default
alleviate your concern? This means the user only really deals with
firewalld if he/she wants it.
For ISO installs the user has full control over the system so can set
up/enable firewall during kickstart so I'm mostly talking about cloud
pre-baked image use cases.
Dusty