ubuntu on firewalls
Karl Auer
kauer at biplane.com.au
Mon Mar 2 21:59:50 UTC 2009
On Mon, 2009-03-02 at 15:41 -0400, Derek Broughton wrote:
> >> > Firewall Builder 3 is the only one that I know for a fact fully
> >> > supports ip6tables, because I use it! It is in the repos, but the
> >> > version in the repos does not (or does not properly) support IPv6.
> >>
> >> Do you have a bug report for this?
> >
> > No - because it's not really a bug. It's just that the repos have older
> > versions. Most stuff in the repos is months if not years behind the
> > current versions; for 99% of stuff, that's no problem. For firewalls,
> > firewall managers and security software in general it's generally best
> > to get the latest stuff, and that probably isn't in the repos...
>
> I have to quibble. Yes, Ubuntu (and all Debian-based distros - in fact
> probably _all_ distros) is a bit behind the leading edge. And yes, you
> want your security software to have all the latest vulnerabilities fixed.
>
> But the two aren't incompatible, and when a security advisory is issued, the
> necessary patches are generally made to the _old_ software.
Of course. But not supporting IPv6, while it is a security *issue*, is
not really a security *bug*. It's more like lack of a security
*feature*, and new versions of things don't get added to Ubuntu release
repositories just because they get new features.
Regards, K.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au) +61-2-64957160 (h)
http://www.biplane.com.au/~kauer/ +61-428-957160 (mob)
GPG fingerprint: 07F3 1DF9 9D45 8BCD 7DD5 00CE 4A44 6A03 F43A 7DEF
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20090303/0ec9d019/attachment.sig>
More information about the ubuntu-users
mailing list