ufw package integration
steve.langasek at ubuntu.com
Thu Sep 4 00:33:52 UTC 2008
On Tue, Aug 19, 2008 at 05:05:44PM -0400, Jamie Strandboge wrote:
> With the upload of ufw 0.20 to Intrepid yesterday, ufw now supports
> application (package) integration. This allows packages to declare their
> ports and protocols to ufw, so user's can specify an application profile
> when adding and removing rules. Application profiles can be thought of
> as simply port/protocol groups that are referenced by name.
> For example, when apache is installed, it could add a file to
> /etc/ufw/applications.d which declares it as running on tcp port 80.
If the files are installed in /etc/, then they have to be config files
(conffiles or otherwise). Config files are left installed when packages are
removed, and deleted only on package purge. How does this design prevent
leaving ports open when the package that they legitimately correspond to is
no longer installed?
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
slangasek at ubuntu.com vorlon at debian.org
More information about the ubuntu-server