[Spce-user] Firewalling rules 3.8.1

Jon Bonilla (Manwe) manwe at sipdoc.net
Fri May 29 07:34:50 EDT 2015


El Fri, 29 May 2015 13:07:16 +0200
Alex Lutay <alutay at sipwise.com> escribió:

> Dear Jon,
> 
> Security tools did not pass all tests to be enabled by default,
> while they are still available for installation/testing.
> 
> Unfortunately, NGCP CE security-tools developer had lost interests here
> and switched to other projects ;-)
> 
>

Hi Alex

I think there are two options here:

Install the tools by default and leave the firewall disabled in config.yml as
it is.

Remove all firewall options from config.yml and the templates.


What I think it's a bad idea is to have the option to enable it in
config.yml but the templates not installed. If it's optional, then we should
make optional the yml revision too. 

Another tip: The sysctl templates which change some parameters depending on the
firewall options should be moved to security-tools too. Nosense to have them by
default in the system templates if we do not offer firewall options.



cheers,

Jon





-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: Firma digital OpenPGP
URL: <http://lists.sipwise.com/pipermail/spce-user_lists.sipwise.com/attachments/20150529/ffef5069/attachment-0001.sig>


More information about the Spce-user mailing list