And our point is that Linux doesn't need a firewall if there aren't any open incoming ports on a base install.

OK.

And if you don't trust the source (a repo provided by us, over HTTPS) with providing you package updates and the packages themselves, including the firewall, and to install your firewall, [...]

@JoshStrobl Erm... Where did I say anything along these lines? My point is that any general-purpose OS should have a firewall preinstalled. @DataDrake mentioned some static system policy that's supposed to make up for that, but my question about it was ignored.

I think you are misreading my tone. I am being terse, not belligerent or hostile. I mean that we need a firewall that is easy for a novice user to use and requires no knowledge of TCP/UDP/IP to be usable.

@DataDrake I see. You probably know that already, but there is a graphical front end for firewalld called firewall-config; setting it up is just a matter of selecting one of the predefined firewall zones. It is also possible to select a different zone for every network connection directly via NetworkManager.

If you want configuration tools, there are multiple options in the repo that you can grab post-install.

@Gnat008 And that's the problem: I should be able to secure my PC before going online.

To be frank, I struggle to have confidence in Solus' security at this point.

It's a static system policy.

@DataDrake Do you mean an iptables policy? Also, is it set to block or drop incoming connection attempts (i.e., does it make your PC's ports appear closed or stealth)?

@JoshStrobl Well, I, for one, am merely trying to raise awareness of the issue, since PPPoE isn't as uncommon as many seem to believe. It should work out of the box, especially considering that nm-connection-editor has an option for it.

The problem is that in my country (Iraq), all ISPs use PPPoE, I assume there are other countries like this.