That's because we've had them for decades. And no one person or team was responsible for all of them. I would be very surprised if a small systemd team could come up with their own alternatives in a matter of four years without introducing multiple bugs and vulnerabilities. I could be wrong of course, but their track record regarding bugs does not inspire confidence. There are multiple recent bug reports relating to the firewalld service failing to start. Even in Red Hat Enterprise Linux. How embarrassing. I suppose that's just one of those things which might be fixed when they feel like it and who cares for firewalls anyway? It's not as though that old crud enhances computer security in the 21st century, is it? And busy sysadmins have all the time in the world to fix these problems anyway.

2 members found this post helpful.

comment filename
I am not taking the writer serious, when you don't write the context and the function with it

The developers of systemd lack some social skills imo.
That does not mean that systemd itself is bad.

and PS. the bug reports are debian packaging based, not a systemd bug

my funny part again:
Dont get me wrong here and not compare systemd with the next example literately.

If the Goverment calls everyone that they need a new flew shot (which cures all diseases),
they always say its Mandatory to take the shot, but not everyone is taking the shot.

If firewalld can't even protect the system, then what good is it? Sitting in the system looking pretty? Heck yeah red Hat should be embarrassed. This was their baby after all on some level.

Will this mean sysadmins will have to resort to using shell scripts to load a firewall module and rule set? [sarcasm]I thought systemd was supposed to do everything for people, not expect sysadmins to do more work.[/sarcasm]

Can you provide those bug reports.

@ReaperX7 (starting firewalld from shell script failed aswell)
The ones known by me, have nothing to do with systemd. (copy/paste from your journal will always include systemd)
and firewalld service failing to start, can have multiple reasons. and systemd refuses to start it because there is an issue (after all its a daemon-manager)
if I remove a library file on Slackware (LibEgl anyone ? ...) and I try to start something with systemd, it will refuse to start. (it isn't systemd's fault it doesn't start)

Well there's one here but you have to subscribe to see the solution. That's really funny: having to subscribe to see the solution to a problem that they themselves have created.

And there's another here.

The point of course is iptables and netfilter worked reliably. This systemd-related junk doesn't. But people will still say it's much better than existing methods. Meanwhile sysadmins around the world are abandoning Linux in droves because of this junk and the time they have been wasting trying to fix problems that would not have existed had the distros remained with the tried and true technology.

Bear in mind that while you're away checking whether this really is a systemd bug or not there's probably a sysadmin somewhere in the world right now having to deal with this exact issue. Meanwhile he doesn't have a firewall to protect his server. But because he now has to go and do his research to see if it's a systemd bug or a firewalld bug or a CentOS packaging bug he's not going to be able to troubleshoot the issue as quickly as he could have had it been, for example, an iptables configuration issue. And if it's the bug that was reported to Red Hat he's not going to be able to fix it at all, because the commercial vendor keeps the solutions to the problems it creates behind a paywall.

Of course he should just have used Slackware or Crux or one of the BSDs and avoided this rubbish altogether.

3 members found this post helpful.

Thanks for defining System D for me. Sorry about that.

What is the standard way to check if your firewall has started in Slackware. Ooops, there is no firewall by default in Slackware. There is only a placeholder for rc.firewall. Its up to you to put something there. So sharing your rc.firewall script that notifies you in case something went wrong on start-up will be appreciated.


Cheers

iptables -L -n? Do i get points for that?
or you could check a log or send your self an email or multiple ways i can think of off the top of my head, and im not all that smart and havent done pro sysadmin work in quite a while.
And yes slackware lets you use the best script you can find or write yourself

Sure you don't. And you know it


Cheers

But at least Slackware doesn't pretend to have a firewall only for the admin to find out it's not running. Hugely embarrassing for a costly "enterprise" Linux release, don't you agree?

I do understand what is required to get iptables-netfilter up and running on Slackware. I start rc.firewall from rc.local, because the virtual machines with their virtual NICs need to be up first. I don't have a test for it but indeed it would be a good idea to put one together. Just grab the pid and test for it with an if ! ps -p pid then .... Not too hard really, is it?

Of course this is just diverting people's attention from the subject we're discussing here, which is why systemd is causing the mass exodus of Linux sysadmins we have been seeing lately. Do you think it's a good idea to dump all this new firewalld and systemd crap on sysadmins and expect them to pick it up straight away, so that whenever the firewalld service fails to start next time on their enterprise Linux server they will be able to solve it with no downtime? Pretty important when it's a firewall, don't you think?

I'm sure if you work for someone like Red Hat you think it's a great idea, but I'm curious to know what the majority of sysadmins out there at the coal face think. Those who don't have the luxury of falling back on their big employer daddy, in other words, the employer who knows how to fix the problem because he created it in the first place.

No, certainly not. The crazy rate of systemd adoption is something that I don't like. It will take time for things to settle down.


Cheers

Linux will haemorrhage developers, admins and users in the meantime. I've been reading about Debian people who have been with Debian for 18 years moving to FreeBSD. Surely this can't just be brushed off? From what I can see some of them are the older ones. This will make the loss to Linux twice as bad, because, computing-wise, I don't see much maturity in the new generation, who have really just been building on the shoulders of giants. The programming is derivative; the new languages are derivative; the ideas are derivative. I don't see anything revolutionary in IT these days that is not a pale shadow of something already done. 35 years ago practically every development in IT was revolutionary. That's why it's not good to lose these people. They have a perspective which this hyped-up, breakneck generation don't seem to have.

Do it, close the damn thread.

You probably find it amusing, but I find it embarrassing as it just shows how a certain few Slackware kooks are down to just mudslinging and superficial intellectual gymnastics, regardless of whatever technical merit in their arguments; you guys are an embarrassment to the greater Linux community.

If I wanted trolling, I'd be in /b/, reddit, or SA, not here.

We need discussion Zak, but yes, we don't need mudslinging as unSpawn hinted at.

Anyways, in Slackware you have several options for a Firewall, but you have to implement it. Everyone has known this since day one, or should have. Nobody is going to create your Firewall script for you. Even AlienBOB's EFG requires you to do some gruntwork on your own, to create a CUSTOM firewall script, make it executable, and run it.

That's how you check your firewall.

GNU/Linux already is hemorrhaging developers and projects. Case in point: Byuu the developer of higan (formerly the bsnes emulator) stopped developing his emulator exclusively for GNU/Linux and redeveloped higan for FreeBSD.

http://www.byuu.org

It's one instance, but where one starts, others will follow.

The thread is already beyond discussion, might as well start another without the baggage; 100+ pages in a thread mix of actual discussion and shitposting? No thanks.

The behavior in this thread as well as the behavior in the PAM poll thread are simply embarrassing examples of how easily the more active keyboard warriors of this community can get riled up; I'm sorry for the newbies who'd want to use Slackware more but are turned off from the toxicity.

2 members found this post helpful.