[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfire-development
Subject:    Re: Question regarding the forthcoming default firewall rule patch
From:       Michael Tremer <michael.tremer () ipfire ! org>
Date:       2023-10-26 10:37:22
Message-ID: 215D5812-4814-40DA-A66E-602304F2B7FB () ipfire ! org
[Download RAW message or body]

Hello Peter,

I do not think that it should contain a link.

First of all, it won't be clickable and as we don't parse the comments and look for \
links. Secondly, we should not link to external websites that we don't control like \
this. And last, but not least, the proposed PDF is really long and complicated and I \
don't think that this is helpful to encourage people to keep that rule there.

So, simply "Block port 25 (TCP) for outgoing connections to the internet" should do \
it. More stuff should be referred to on the wiki.

-Michael

> On 26 Oct 2023, at 11:33, Peter Müller <peter.mueller@ipfire.org> wrote:
> 
> Hello Michael,
> hello *,
> 
> for the forthcoming patch, which introduces a firewall rule for rejecting TCP
> connections to destination port 25 on RED from all internal networks on new
> installations only, I'd like to clarify upfront what resource the rules' comment
> should link to, if any.
> 
> This could be a blog post by us, which would only go live shortly before the
> release of the Core Update this patch is merged into, so it will be a dead
> link at the time of patch submission.
> 
> Otherwise, linking to our wiki would work as well, or we can refer to the
> M3AAWG recommendation on this topic (https://www.m3aawg.org/Port25_IPNetworks)
> straight away.
> 
> Do you have any preferences?
> 
> Thanks, and best regards,
> Peter Müller (crawls back into the sewers)


[prev in list] [next in list] [prev in thread] [next in thread]