Revision as of 20:08, 15 April 2013

Beat is open
This beat is now ready to have Fedora 25 content added by the beat writer

federated VOIP

Improved Mobile Broadband Support

Fedora 19 includes a new, more capable version of ModemManager for interacting with mobile broadband devices. This version provides better support for multi-mode devices like Qualcomm Gobi WWAN cards and other devices that support both CDMA/EVDO/LTE and/or GSM/UMTS/LTE simultaneously. To provide this support, the D-Bus API of ModemManager has changed, which may require updates in applications that interact with ModemManager to control WWAN devices.

Many devices will connect and authenticate using the NetworkManager GUI. nm-cli has added features to configure mobile connections. For more detailed usage information, consult http://fedoraproject.org/wiki/Features/MoreMobileBroadband .

firewalld

locking the firewall

Dynamic firewall configuration by application can now be locked down completely, or limited to a whitelist. The whitelist can contain commands, users, UIDs, and selinux contexts.

To lock down the firewall, set Lockdown=yes in /etc/firewalld/firewalld.conf

Whitelist definitions are kept in /etc/firewalld/lockdown-whitelist.xml. This example whitelist allows firewall-cmd to configure the firewall:

<whitelist>
<command name="/usr/bin/python /usr/bin/firewall-cmd"
</whitelist>

The firewall must be reloaded to refresh the whitelist:

firewall-cmd --reload

configuring the firewall

Configuring firewalld is now possible using high level, human readable language. firewalld's XML rule definitions make advanced configuration easy. For more information, read the feature page at http://fedoraproject.org/wiki/Features/FirewalldRichLanguage .

BIND10

The latest versions of the popular nameserver bind and dhcp server dhcpd server are now available for Fedora. The BIND10 suite features include a RESTful configuration API and sqlite database backend for named and SQL backend for dhcpd.

For more information, consult the bind10 manual at http://bind10.isc.org/docs/bind10-guide.html .

stable network interface naming

The udevd service has a long history of providing predictable names for block devices and others. Fedora will now also use udev naming for network interfaces by default, providing more reliable interface names on systems with multiple network devices. Alternative naming schemes, such as custom udev rules or biosdevname, will override this default. Users upgrading from previous releases may need to update the device names referenced in /etc/system/network-scripts, although in most cases biosdevname will continue to manage naming.

For more information, read http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames .

@@ Line 1: / Line 1: @@
 {{header|docs}}
+{{Docs_beat_open}}
+= federated VOIP=
-== Network Device Naming ==
+= Improved Mobile Broadband Support =
+Fedora 19 includes a new, more capable version of ModemManager for interacting with mobile broadband devices. This version provides better support for multi-mode devices like Qualcomm Gobi WWAN cards and other devices that support both CDMA/EVDO/LTE and/or GSM/UMTS/LTE simultaneously. To provide this support, the D-Bus API of ModemManager has changed, which may require updates in applications that interact with ModemManager to control WWAN devices.
-Servers often have multiple Ethernet ports, either embedded on the motherboard, or on add-in PCI cards.  Linux has traditionally named these ports ethX, but there has been no correlation of the ethX names to the chassis labels - the ethX names are non-deterministic.  Starting in Fedora 15, Ethernet ports will have a new naming scheme corresponding to physical locations, rather than ethX.  Ethernet ports embedded on server motherboards will be named em<port_number>, while ports on PCI cards will be named pci<slot_number>p<port_number>, corresponding to the chassis labels.  Additionally, if the network device is an SR-IOV Virtual Function or has Network Partitioning (NPAR) capability, the name will have a suffix of _<virtual_function> or _<partition>.
+Many devices will connect and authenticate using the NetworkManager GUI. `nm-cli` has added features to configure mobile connections. For more detailed usage information, consult http://fedoraproject.org/wiki/Features/MoreMobileBroadband .
-By changing the naming convention, system administrators will no longer have to guess at the ethX to physical port mapping, or invoke workarounds on each system to rename them into some "sane" order.
+= firewalld =
+== locking the firewall ==
+Dynamic firewall configuration by application can now be locked down completely, or limited to a whitelist. The whitelist can contain commands, users, UIDs, and selinux contexts.
+<!-- asked for manpages at https://bugzilla.redhat.com/show_bug.cgi?id=952364 -->
-This feature affects all physical systems that expose network port naming information in SMBIOS 2.6 or later (specifically field types 9 and 41).  Dell PowerEdge 10G and newer servers (PowerEdge 1950 III family, PowerEdge R710 family, and newer), and HP ProLiant G6 servers and newer are known to expose this information, as do some newer desktop models.  Furthermore, most older systems expose some information in the PCI IRQ Routing Table, which will be consulted if information is not provided by SMBIOS.
+To lock down the firewall, set `Lockdown=yes` in `/etc/firewalld/firewalld.conf`
-Fedora running as a guest virtual machine will continue to use the ethX names.
+Whitelist definitions are kept in `/etc/firewalld/lockdown-whitelist.xml`. This example whitelist allows `firewall-cmd` to configure the firewall:
+ <whitelist>
+ <command name="/usr/bin/python /usr/bin/firewall-cmd"
+ </whitelist>
-Existing installations upgraded to Fedora 15 will not see a change in names unless /etc/udev/rules.d/70-persistent-net.rules is deleted and the HWADDR lines are removed from all /etc/sysconfig/network-scripts/ifcfg-* files, and those files are renamed to use the new device names.
+The firewall must be reloaded to refresh the whitelist:
+ firewall-cmd --reload
-You may continue to write rules in /etc/udev/rules.d/70-persistent-net.rules to change the device names to anything you wish.  Such will take precedence over this physical location naming scheme.  Such rules may look like:
+== configuring the firewall ==
- SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:11:22:33:44:55", ATTR{type}=="1", KERNEL=="eth*", NAME="public"
+Configuring firewalld is now possible using high level, human readable language. firewalld's XML rule definitions make advanced configuration easy. For more information, read the feature page at http://fedoraproject.org/wiki/Features/FirewalldRichLanguage .
-This feature may be disabled by passing "biosdevname=0" on the kernel command line, in which case, behavior will revert to using ethX names.
+= BIND10 =
+The latest versions of the  popular nameserver `bind` and dhcp server `dhcpd` server are now available for Fedora. The BIND10 suite features include a RESTful configuration API and sqlite database backend for `named` and SQL backend for `dhcpd`.
+For more information, consult the `bind10` manual at http://bind10.isc.org/docs/bind10-guide.html .
+= stable network interface naming =
+The udevd service has a long history of providing predictable names for block devices and others. Fedora will now also use udev naming for network interfaces by default, providing more reliable interface names on systems with multiple network devices.  Alternative naming schemes, such as custom udev rules or biosdevname, will override this default.  Users upgrading from previous releases may need to update the device names referenced in `/etc/system/network-scripts`, although in most cases `biosdevname` will continue to manage naming.
+For more information, read http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames .
 [[Category:Docs Project]]
 [[Category:Draft documentation]]
 [[Category:Documentation beats]]

Search

Documentation Networking Beat: Difference between revisions