RFE: FireKit
Colin Walters
walters at verbum.org
Fri Jul 24 15:52:52 UTC 2009
On Fri, Jul 24, 2009 at 11:39 AM, Adam Miller<maxamillion at gmail.com> wrote:
>
> Might we want to look at having "firewall profiles" such that
> different sets of rules can be applied based on environment?
I'm uncomfortable to tying the solution for "desktop sharing button
doesn't actually work unless you run system-config-firewall" to a
profiles system for controlling individual ports based on network.
Maybe the toggle under the hood is a profile and system-config-network
knows about profiles, but I'm strongly against a big list of port
numbers in the default UI flow.
> Also, is this planned to modify /etc/sysconfig/iptables and just
> restart the service or is the plan to take a FireStarter approach and
> be a substitute for /etc/sysconfig/iptables?
I think that if you ever run system-config-firewall, you're a system
administrator and that tool wins, and the desktop firewall toggle
should be disabled. How exactly that's expressed in the config system
I don't know.
More information about the devel
mailing list