----- Original Message ----- > > > > > > > > > > sudo firewall-cmd --set-default-zone=FedoraServer > > > That will limit it to SSH, DHCPv6 and cockpit > > > > > > Or use default zone "Public", which swaps cockpit out and adds mDNS > > > > > > Or if you're "Reindl Harald"-level paranoid (no offense intended, Harald > > > but you're the most paranoid sysadmin I know, even more than me): > > > > > > sudo firewall-cmd --set-default-zone=block > > > > It always amaze me why people that says it is easy to change de default, > > were not happy with: > > > > sudo firewall-cmd --set-default-zone=OpenZone > > > > instead of forcing the less secure one to eveyone. > > I also thought that the whole points of having Zones etc, was so that > we could pick a different zone per network connection, > > so if I'm in the office or at home I can say use this zone, if I'm > at a coffee shop I can pick a different one etc. > > Or was this consider too much UI for the normal user? Surely > OSX has something to copy from, since they seem to define what > a normal user expects.
OSX has a firewall integration that I would rank as "awful". It's not any better than what we had in Fedora 20 (blocking firewall and a tool to open up ports). -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
