Thomas Woerner wrote: > Please think of a scenario like this: Service A is adding > firewall rules for opening port 20 and 21 (ftp-data and ftp) for > everyone and service B is opening port 20 and 21 only for a specific > network segment. What do you want to have here? If you apply A's rules > first then 20 and 21 is open for everyone and the rules from B are not > used at all. But if you apply B's rules first, ... What is the right > ordering here? Should A or B win? A and B will collide anyway when they try to listen on the same ports. I don't see why it's important to make the packet filter rules coexist when the daemons won't. Björn Persson
Description: This is a digitally signed message part.