[BlueOnyx:23684] 5210R: Firewalld, APF, Fail2ban PKGs released
Michael Stauber
mstauber at blueonyx.it
Sat Feb 22 22:08:26 -05 2020
Hi all,
The following PKGs were just released for BlueOnyx 5210R and are now
available in the BlueOnyx shop:
5210R-apf-7.0.1-1.pkg
5210R-firewall-8.0.1-1.pkg
5210R-fail2ban-0.10.5-3.pkg
Anyone who has an active subscription for the product APF (which is also
included in several bundles) now also has access to the newer and more
modern "5210R-Firewall" package, which is a drop in replacement for APF.
So why are we making *both* APF and Firewall available on 5210R and when
should you use which?
Firewalld is the *much* better option, as it's more modern than APF,
starts and reloads faster and supports IPv6 out of the box instead of
having it tacked on like APF. Firewalld can also use ipsets, which makes
it possible to apply very large blocks of IP rule sets in an eyeblink.
But: If you're using BlueOnyx 5210R inside the Container virtualization
of OpenVZ 7 (like on Aventurin{e} 6109R) Firewalld will *not* work. I
spent several weeks trying to get it to work in any shape or form, but
due to architectural issues with the virtualization engine it sadly
won't work.
So *if* you're using BlueOnyx 5210R on anything *but* an OpenVZ
container use "5210R-Firewall", otherwise use the fallback "APF" instead.
The Fail2ban PKG has been adapted specially for 5210R and will work with
either Firewalld or APF - depending on which is present.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list