ufw package integration

Dennis Kaarsemaker dennis at kaarsemaker.net
Thu Sep 4 11:10:04 BST 2008

On wo, 2008-09-03 at 17:33 -0700, Steve Langasek wrote:
> On Tue, Aug 19, 2008 at 05:05:44PM -0400, Jamie Strandboge wrote:
> > With the upload of ufw 0.20 to Intrepid yesterday, ufw now supports
> > application (package) integration. This allows packages to declare their
> > ports and protocols to ufw, so user's can specify an application profile
> > when adding and removing rules. Application profiles can be thought of
> > as simply port/protocol groups that are referenced by name.
> > For example, when apache is installed, it could add a file to
> > /etc/ufw/applications.d which declares it as running on tcp port 80.
> If the files are installed in /etc/, then they have to be config files
> (conffiles or otherwise).  Config files are left installed when packages are
> removed, and deleted only on package purge.  How does this design prevent
> leaving ports open when the package that they legitimately correspond to is
> no longer installed?

Something similar as for initscripts, which also linger around?

test -e $DAEMON || exit 0
Dennis K.

The universe tends towards maximum irony. Don't push it.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20080904/878f1de5/attachment-0001.pgp 

More information about the ubuntu-devel mailing list