Linux Gets Dynamic Firewalls In Fedora 15 176
darthcamaro writes "Linux users have long relied on iptables for in-distro firewall setup. The upcoming Fedora 15 release changes that and introduces us to new dynamic firewall technology. 'Most Linux systems use IP tables type firewalls and the problem is that if you want to make a change to the firewall, it's hard to modify on the fly without reloading the entire firewall,' Fedora Project Leader Jared Smith said. 'Fedora 15 is really the first mainstream operating system to have a dynamic firewall where you can add or change rules and keep the firewall up and responding while you're making changes.'"
First (Score:5, Insightful)
Ehm, iptables doesnt need reloading. Add a rule and it works right away?
Modern technology in Linux (Score:1, Insightful)
Linux, as always, proves that it is always up to date with modern technology. Next you'll have kernel-level drivers that don't break on recompilation of the kernel!11
reloading? (Score:5, Insightful)
It is? Then what have I been doing wrong for all these year?
What's the point? (Score:3, Insightful)
So an application can say hey I need a port open, please open a pinhole in the firewall.
I don't get that. If you want applications to be free to open ports, why would you filter them in the first place? (and what does it mean to filter ports that are closed anyway?)
I would say controlling such an ability in an application belongs to something that acts on bind(9) calls.
Re:First (Score:2, Insightful)
Wow linux works when all power is cut-off to the computer? Brilliant!
Seriously this is an idiotic statement. Not needing to reboot a machine is all the more reason to test rebooting it and make sure all previous changes are persistent and the machine comes up correctly. If you don't you'll find that machine will go down for a reboot unexpectedly on the 24th December at 5pm and you're on the on-call list.