Firewall configuration tool: system-config-firewall
Thomas Woerner
twoerner at redhat.com
Fri Jun 1 14:32:50 UTC 2007
Hello,
system-config-firewall is a new firewall configuration tool, which is
based on system-config-securitylevel and provides enhanced funtionality
and better user guidance.
Please have a look at:
http://koji.fedoraproject.org/scratch/twoerner/task_22791/
You will need system-config-firewall and system-config-firewall-tui
packages for your architecture.
system-config-firewall will replace system-config-securitylevel in
devel, soon.
Changes against system-config-securitylevel:
- lokkit is rewritten in python (compatible with old version, but
additional options).
- gtk user interface cleaned up.
- gtk UI enhancements: trusted interfaces, masquerading, custom rules
for all IPV4 tables and for IPv6 filter
- /etc/sysconfig/system-config-securitylevel is used for compatibility,
the new location for the configuration is
/etc/sysconfig/system-config-firewall
- The text user interface is fully functional, but in an early state -
this will be fixed.
- The selinux part is stripped out of the user interfaces, because there
is a new configuration tool for selinux: system-config-selinux.
- The lokkit command line tool still has the selinux options and has
the same behaviour as the old command line tool.
- There is a simple setup wizard for the gtk UI.
If you want to install system-config-firewall, you have to manually
uninstall system-config-securitylevel, because there is a file conflict
for /usr/sbin/lokkit. This version of system-config-firewall is not
working with system-config-kickstart and firstboot, because these tools
are using internal structures of system-config-securitylevel, which are
not available anymore. Therefore you have to uninstall these packages, too.
Thanks,
Thomas
More information about the fedora-devel-list
mailing list