1 |
Nope. Sorry. Im not in agreement in this at all. Of course, its open to debate, |
2 |
Im not saying I know everything, nor Im 100% right. Go ahead, debate away. |
3 |
But I dont want any part of it, Ill tell you that! |
4 |
|
5 |
If you dont understand the ramnifications of packet filetering, NAT, etc then |
6 |
you have *no* business running this software. We are not Microsoft or Wingate, |
7 |
opening yuor machine to a wider world. |
8 |
|
9 |
What if somebodys iptables script is made into an ebuild, and said script turns |
10 |
out to be flawed, perhaps seriously? Then its "hey, yeah those guys at gentoo |
11 |
have a firewall setup like swiss cheese.". What interfaces are yuo going to |
12 |
configure this ebuild for? eth0 and eth1? how about ppp? maybe an isdn |
13 |
interface? How do yuo choose? Im going to say this again, it is %100 |
14 |
configuration. This is *not* the domain of a package. It is the domain of |
15 |
a system administrator. This is 1 file we're talking about here people, not |
16 |
a series of docs, scripts, config files. *most* of them anyway. There *are* |
17 |
some that come with external configs. But thats all beside the point. The |
18 |
script needs to be edited. This whole thing started because we basically had |
19 |
a post to the devel list of the flavour: "I need an iptables HOWTO". |
20 |
|
21 |
What are you going to do about the kernel modules? Did you know that |
22 |
the netfilter modules are built at the kernel level? How are you going to |
23 |
DEPEND on that? |
24 |
|
25 |
This is bad policy. A distribution should *not* be dictating *policy*. To |
26 |
not understand that is a big mistake. Listen, Redhat and Mandrake are |
27 |
the kinds of distros doing this stuff! Making Linux into a 1-click affair. |
28 |
This is not our primary intention. Not at this stage anyway! |
29 |
|
30 |
So feel free to debate it all you want, I wont be having *any* part in it |
31 |
Ill tell you that! |
32 |
|
33 |
Cheers! |
34 |
-- |
35 |
Donny |