[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: What I HATE about F11



(Can you please configure your mailer to either wrap lines and/or use format-flowed?)

Casey Dahlin wrote:
On 06/15/2009 03:19 PM, Matthew Woehlke wrote:
Casey Dahlin wrote:
Really, init scripts should open the firewall ports they need when
their service comes up (and I'll propose something for upstart 1.0
later today to make that make more sense.)
How is that supposed to work when I only want to allow connections to a
service on a whitelist of IP addresses?

Right now I do this with static iptables rules that I have set up
(which, since I am never /not/ running the daemon in question, doesn't
have any drawbacks I can think of off the top of my head).

You'll likely have to change some configuration to get exactly what
you want, and we'll have to work for a set of defaults that don't
ruin your life until you do.

Configuration is fine, just as long as there /is/ configuration and not running a service always exposes it to the world with no way to prevent that. (Prevention by editing init-scripts doesn't count ;-).)

--
Matthew
Please do not quote my e-mail address unobfuscated in message bodies.
--
End of Transmission


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]