On 08/18/2014 10:10 PM, Stephen Gallagher wrote:
On 08/18/2014 03:43 PM, Elad Alfassa wrote:
I propose configuration that works out of the box.
Right now in the firewalld policy in Fedora Workstation any non-root port is unblocked by default. If you need a webserver running on port 80, I assume the best way of fixing this would be bundling a firewalld configuration file in webserver packages that will open port 80 and port 443 for you - but that might be out of scope for the Workstation WG and more in the Server WG realm.
Also, if we don't install it by default you'd still be able to install it, or install cockpit instead (I don't remember if cockpit has firewall controls, but it sounds like it's something it probably would benefit from having).
Cockpit does not currently have a firewall UI, but it's certainly something worth having there. I'll open an RFE.
There is now an issue in Cockpit's issue tracker open about adding Firewall controls. https://github.com/cockpit-project/cockpit/issues/1094 - Andreas