On 12/19/2013 03:34 PM, Eli Qiao wrote:
? 2013?12?18? 19:00, Mark Wu ??:
Eli, Thanks for the patch. But it's not a reliable configuration. This rule will be lost after reboot. And shipping a configuration file is better than running commands in spec file.
Please take a look at firewalld and firewalld.service http://manpages.ubuntu.com/manpages/raring/man5/firewalld.service.5.html
It could be a better solution for the platforms where firewalld is available. hi Mark thanks for your comments, I did some investigation, this is a good solution, fedora and ubuntu has firewalld support. but RHEL not. as far as i know kimchi should support RHEL also, if we chose this solution, how about RHEL?
We could handle it separately: use static rules on RHEL and use firewall for other platforms
-- Thanks Eli (Li Yong) Qiao (qiaoly@cn.ibm.com) CSTL-KVM Frobisher/RHEV-H
* ? ? - ??? * ??
* ??