RFE: FireKit
Aioanei Rares
schaiba at gmail.com
Thu Jul 23 21:36:31 UTC 2009
On 07/23/2009 09:16 PM, Ahmed Kamal wrote:
> Hi,
>
> Here's a RFE for FireKit, a firewall desktop "kit". What this does is:
> 1- Exposes a dbus interface for applications to programatically
> open/close ports
> 2- Monitors as new daemons/applications that listen on non lo
> interfaces are started, checks if iptables is currently blocking them,
> and if so, warns the user that application X is currently blocked by
> the firewall
>
> User Experience:
> =======
> 1- Joe wants some help from his co-worker, he shares his Gnome desktop
> through vino. Vino kicks FireKit to ask Joe if he would like to open
> port 5900, and asks for a period of time. Joe selects yes, and chooses
> 30 minutes. FireKit instructs iptables to open that port, and waits
> for 30 mins.
> 2- Sally wants to share last night's photos with her team. She drops
> the photos in /var/www/html, and starts apache. While apache does not
> know about FireKit, FireKit still detects that port 80 is now
> listening on 0.0.0.0, FireKit pops a notification that process
> "apache" is listening on port 80, and is being blocked by the
> firewall. FireKit asks Sally if she'd like to open port 80, and for
> how long. Sally accepts and chooses 5 hours
>
> I'm no hot shot developer, so I am not quite sure about which
> architecture is best, or details about integration with policy-kit,
> however, this seems to me like a really missing integration point on
> the free desktop front. Comments and opinions are welcome.
>
> Regards
To me it seems like a great idea, but your usual computer user
does not really know about Apache and ports, IP's and the like. Other
than that, if you need help, ask. What language do you intend to
implement this in?
More information about the devel
mailing list