Red Hat Bugzilla – Bug 430091
ipa-server-install should update iptables config
Last modified: 2015-01-04 18:30:25 EST
during ipa-server-install, we observed that
we if have a system with has firewall enabled, none of
the ports are then opened up.
We believe we should automatically change iptables configuration
on the ipa-server machine to allow access to these ports.
I don't believe in changing firewall settings from applications.
It is not a good security practice (and I hope SELinux would prevent that anyway).
At the end of the setup script we warn admins on the ports they need to open
(and that is also documented in the docs I bellieve).