Eli,
Thanks for the patch. But it's not a reliable configuration.
This rule will be lost after reboot.
And shipping a configuration file is better than running
commands in spec file.
It could be a better solution for the platforms where firewalld
is available.
hi Mark thanks for your comments,
I did some investigation, this is a good solution, fedora and
ubuntu has firewalld support. but RHEL not.
as far as i know kimchi should support RHEL also, if we chose this
solution, how about RHEL?
We could handle it separately: use static rules on RHEL and use
firewall for other platforms
--
Thanks Eli (Li Yong) Qiao (qiaoly@cn.ibm.com)
CSTL-KVM Frobisher/RHEV-H