Hello Tomasz,
----- Original Message -----
From: Tomasz Torcz <tomek(a)pipebreaker.pl>
Subject: Re: About F19 Firewall
You seem to have missed this Fedora *18* feature:
https://fedoraproject.org/wiki/Features/firewalld-default
firewall-cmd is supposed to isolate user from all this chains.
Yep, true. My contention is not with the tool, but with the complexity it adds to the
rules with all the zones and sub-chains and user-space tooling around it.
->
https://fedoraproject.org/wiki/FirewallD
As I suspected a zone describes a network one is currently connected in. It could be home,
work, public(wifi at a coffee shop) etc. That means one must keep shifting from home to
work to home and in between public for coffee-shop. I wonder who's going to do that
every day. If they don't they either don't get to use the network services or are
not protected enough. Ex. one always has the 'public' zone rules activated.
That's mDNS, widely used in zeroconf discovery (for example,
printers).
I did not mean why is it used, but who needs it. I think for most users such
configurations are fairly static that mDNS & avahi can be disabled after their first
usage/discovery. Having a service/port open all the time, when you don't need it,
isn't a good thing.
---
Regards
-Prasad
http://feedmug.com