On Tue, 06 Aug 2024 09:44:32 +1000 George at Clug <c...@goproject.info> wrote:
> > (I do recall being taught programming using machine code, once I > reached an environment that used assembler, I only used machine code > for debugging. At that time I was also introduced to programming > using BASIC via punch cards. I am not going to give up using IDEs and > go back to those days, so I should apply the same logic to firewalld) > The issue with GUI (or simple script) frontends to open-ended direct configuration is that in order to achieve simplicity (the whole purpose of a frontend) then it is necessary to implement only a subset of what the underlying system can do. In programming terms, assembler maps pretty well one to one to machine code, whereas frontend code/forms do not map to low-level commands, since the low-level command structure generally has a huge structure. Can all valid iptables commands be listed? Of course, but the list would be exceptionally long. And yes, I once thought I'd start using a firewall frontend, but fell almost at the first hurdle, unable to implement a relatively simple iptables objective. That was years ago, and I'm sure things have improved, but only by increasing the complexity and versatility of the frontend, which is something opposed to the concept of the frontend. -- Joe
