As with all new packages, firewalld is somewhat of a moving target.
iptables has been around and "comfortable" because of familiarity.
I, being somewhat long in the tooth, am a little resistant to change. :-D
Thanks for the work which much be tedious.
John
On 01/24/2014 09:24 AM, Thomas Woerner wrote:
On 01/24/2014 03:10 PM, John Griffiths wrote:
> In August of last year, I was told on the list to use ipsets to add ips
> to the drop list.
>
> Seeing all the traffic on direct chain, should I be going this direction
> now?
>
It is good to go in this direction for separation, but it is not a
requirement.
I will be having a look at network address sets (ipset) support in
firewalld again. I am also thinking about the possibility to support
externally generated ipsets.
> Regards,
> John
> _______________________________________________
> firewalld-users mailing list
> firewalld-users(a)lists.fedorahosted.org
>
https://lists.fedorahosted.org/mailman/listinfo/firewalld-users
Regards,
Thomas
_______________________________________________
firewalld-users mailing list
firewalld-users(a)lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/firewalld-users