Services & firewall configuration

Paul Jakma paul at dishone.st
Tue Aug 26 03:16:16 UTC 2003


On Mon, 25 Aug 2003, Ian Pilcher wrote:

> It seems to me that the fundamental problem is the lack of "linkage"
> (for lack of a better word) between service configuration and
> firewall configuration.

well, there's so much policy involved. Eg you could perhaps add 
special comment lines to init scripts (ala the chkconfig lines) to 
indicate ports which are used by an app - but how do you tell whether 
the user wants them accessible to the network? and if so, the whole 
internet? his local network? ???

> Just some thoughts on future directions.  Flame away!

got any ideas? :)

one thing i would like is a portmap with hooks on rpc client 
registration/deregister (ie to setup firewalls).

regards,
-- 
Paul Jakma	paul at clubi.ie	paul at jakma.org	Key ID: 64A2FF6A
	warning: do not ever send email to spam at dishone.st
Fortune:
It is difficult to legislate morality in the absence of moral legislators.





More information about the devel mailing list