Andrew Holway wrote: > This would perhaps be a very interesting addition to the HBAC stuff. > We're considering deploying freeipa on EC2 and LDAP backed firewalld > would be a very powerful tool for a geographically distributed system.
There is an existing open ticket for this request, https://fedorahosted.org/freeipa/ticket/2110 A user contributed an initial design was contributed a few months ago, http://www.freeipa.org/page/V4/Firewall_Configuration Definitely a desirable feature, just a matter of scheduling it. rob > > > On 31 December 2014 at 16:56, Jorick Astrego <j.astr...@netbulae.eu > <mailto:j.astr...@netbulae.eu>> wrote: > > Hi, > > FreeIPA is great! One thing I'm missing though is management of > firewalld services and ports. > > Is that something that would fit in FreeIPA? > > Currently we are using puppet scripts through katello/the foreman, but > as this is very error prone we'd like to have it centrally managed a > different way. > > The firewall rules are very essential IMHO and I thought the whole > point > of firewalld is to have make it more manageable... > > I already asked the katello guys but they don't appear very interested > in implementing something there, then I started thinking it would maybe > fit a lot better in freeIPA as it has more overlap with the other > network/authentication stuff. > > It would be wasteful to have another project just for firewalld > management. > > Happy new year everybody! > > Jorick > > > > > > > > ** > Met vriendelijke groet, With kind regards, > > Jorick Astrego* > > Netbulae Virtualization Experts * > ------------------------------------------------------------------------ > Tel: 053 20 30 270 i...@netbulae.eu <mailto:i...@netbulae.eu> > Staalsteden 4-3A KvK 08198180 > Fax: 053 20 30 271 www.netbulae.eu <http://www.netbulae.eu> > 7547 > TA Enschede BTW NL821234584B01 > > > ------------------------------------------------------------------------ > > > -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go To http://freeipa.org for more info on the project > > > > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project