[Design] Kernel-based BMC firewall
jainmjo at gmail.com
jainmjo at gmail.com
Sat Mar 2 14:19:31 AEDT 2019
On Sat, Mar 2, 2019 at 2:54 AM Joseph Reynolds <jrey at linux.ibm.com> wrote:
>
> ## Alternatives Considered
>
> A user interface to indicate the firewall's status was considered.
> This would invoke iptables and return success only if it showed
> firewall rules, something like `iptables -L -n -v`. This is not
> needed for basic function.
>
> The `ufw` firewall was considered. It is implemented in Python which
> is being removed from the OpenBMC image.
>
iptables is being replaced with nftables (at least in the debian world).
Have you considered nftables?
I am very new to OpenBMC. So please correct me if this is not relevant.
~jj
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20190302/e5492e7a/attachment.htm>
More information about the openbmc
mailing list