[Discuss] firewalld rant
Dale R. Worley
worley at alum.mit.edu
Sun Nov 8 21:54:13 EST 2020
> From: Matthew Gillen <me at mattgillen.net>
> Subject: [Discuss] firewalld rant
...
> Side note in ambiguous documentation: check out the "masquerade" option
> https://firewalld.org/documentation/man-pages/firewalld.zone.html :
> ..."If it's present masquerading is enabled."
> no indication of which interface it should be set on (the internal or
> external; the answer is you set that option on the interface you want to
> masquerade /out/ of).
...
I know nothing about firewalld, but I've noticed over the years that
documentation of how to configure/use software packages comes in two
varieties:
1) documentation that explains clearly and explicitly the consequences
of what one does
2) the vast majority of documention, which gives general descriptions of
the conseuqences of various actions, but presupposes you have telepathic
knowledge of a larger structure which contains most of the details
As in the above example, when you set masquerading on interface X,
*which* packets coming from *which* interfaces are masqueraded *how*
going out *which* interface?
Dale
More information about the Discuss
mailing list