Announcement

Collapse
No announcement yet.

Firewalld 1.0 Released With Big Improvements

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Templar82
    replied
    Originally posted by jacob View Post

    Wouldn't it be better to learn assembly than learn a language that compiles to assembly?
    Actually yes I wish more people would do this in some cases.

    Leave a comment:


  • Chugworth
    replied
    Originally posted by jacob View Post

    Wouldn't it be better to learn assembly than learn a language that compiles to assembly?

    Wouldn't it be better to learn how to set the colours of pixels on the screen than learn an API that renders pixels on the screen?

    Wouldn't it be better to learn how to send/receive ethernet frames rather than use application-level protocols that send and receive ethernet frames?
    The difference is, working with nftables is not so hard.

    Leave a comment:


  • skeevy420
    replied
    Originally posted by jacob View Post

    Wouldn't it be better to learn assembly than learn a language that compiles to assembly?

    Wouldn't it be better to learn how to set the colours of pixels on the screen than learn an API that renders pixels on the screen?

    Wouldn't it be better to learn how to send/receive ethernet frames rather than use application-level protocols that send and receive ethernet frames?

    Leave a comment:


  • jacob
    replied
    Originally posted by Chugworth View Post
    Wouldn't it be better to just learn how to manage nftables than learn how to manage a service that manages nftables?
    Wouldn't it be better to learn assembly than learn a language that compiles to assembly?

    Wouldn't it be better to learn how to set the colours of pixels on the screen than learn an API that renders pixels on the screen?

    Wouldn't it be better to learn how to send/receive ethernet frames rather than use application-level protocols that send and receive ethernet frames?

    Leave a comment:


  • jacob
    replied
    Originally posted by lyamc View Post
    I just ufw allow 22 and hope for the best
    UFW is good for what it does, but apart from limited distro support it also has too many drawbacks:
    • AFAIK it's still based on iptables, not nftables
    • It doesn't support zones and doesn't integrate well with network manager
    • it's static and basically only useful for static servers
    • it doesn't integrate well with podman or other container environments
    • it has no GUI

    Leave a comment:


  • Chugworth
    replied
    Wouldn't it be better to just learn how to manage nftables than learn how to manage a service that manages nftables?

    Leave a comment:


  • lyamc
    replied
    I just ufw allow 22 and hope for the best

    Leave a comment:


  • jacob
    replied
    Originally posted by cl333r View Post
    Alright my little greasy monkeys, who's the first one to complain about firewalld?
    Me It doesn't support rate limitation per source IP address, only global rate limitation which is IMO worse than useless. Maybe it does now in 1.0 though?

    Leave a comment:


  • cl333r
    replied
    Alright my little greasy monkeys, who's the first one to complain about firewalld?

    Leave a comment:


  • phoronix
    started a topic Firewalld 1.0 Released With Big Improvements

    Firewalld 1.0 Released With Big Improvements

    Phoronix: Firewalld 1.0 Released With Big Improvements

    Firewalld was started by Red Hat a decade ago for managing Linux firewall functionality with Netfilter. Ten and a half years after the first release, Firewalld 1.0 was released this afternoon...

    https://www.phoronix.com/scan.php?pa...=Firewalld-1.0
Working...
X