
Linux Gets Dynamic Firewalls In Fedora 15

Posted by Soulskill
from the changing-on-the-fly dept.
darthcamaro writes "Linux users have long relied on iptables for in-distro firewall setup. The upcoming Fedora 15 release changes that and introduces us to new dynamic firewall technology. 'Most Linux systems use IP tables type firewalls and the problem is that if you want to make a change to the firewall, it's hard to modify on the fly without reloading the entire firewall,' Fedora Project Leader Jared Smith said. 'Fedora 15 is really the first mainstream operating system to have a dynamic firewall where you can add or change rules and keep the firewall up and responding while you're making changes.'"

  • First (Score:5, Insightful)

    by Anonymous Coward on Saturday May 21, 2011 @04:59PM (#36204534)

    Ehm, iptables doesn't need reloading. Add a rule and it works right away?

  • by Anonymous Coward on Saturday May 21, 2011 @05:03PM (#36204552)

    Linux, as always, proves that it is always up to date with modern technology. Next you'll have kernel-level drivers that don't break on recompilation of the kernel!11

  • reloading? (Score:5, Insightful)

    by El_Muerte_TDS (592157) on Saturday May 21, 2011 @05:03PM (#36204560) Homepage

    it's hard to modify on the fly without reloading the entire firewall

    It is? Then what have I been doing wrong for all these years?

  • What's the point? (Score:3, Insightful)

    by Anonymous Coward on Saturday May 21, 2011 @05:28PM (#36204720)

    So an application can say hey I need a port open, please open a pinhole in the firewall.

    I don't get that. If you want applications to be free to open ports, why would you filter them in the first place? (and what does it mean to filter ports that are closed anyway?)

    I would say controlling such an ability in an application belongs to something that acts on bind(9) calls.

  • Re:First (Score:2, Insightful)

    by thegarbz (1787294) on Saturday May 21, 2011 @06:14PM (#36204964)

    Wow, Linux works when all power is cut off to the computer? Brilliant!

    Seriously this is an idiotic statement. Not needing to reboot a machine is all the more reason to test rebooting it and make sure all previous changes are persistent and the machine comes up correctly. If you don't you'll find that machine will go down for a reboot unexpectedly on the 24th December at 5pm and you're on the on-call list.
