Firewall blocking desktop features

Ankur Sinha sanjay.ankur at gmail.com
Wed Sep 11 02:17:29 UTC 2013


On Wed, 2013-09-11 at 00:01 +0200, Alec Leamas wrote:
> Nobody questions this. Thie issue in this thread is if we could find 
> ways to make it simpler to enable these services.

Last I checked, the bugs already spoke about giving utilities the
ability to punch holes in the firewall and then close them when they're
done. The same issue persists in rygel as well[2]. The printer settings
in gnome already seem to open up ports in the firewall after taking
permission from the user. If the gnome sharing and people nearby
applications could do the same, this would make it easier for users.
This solution makes it a task for upstreams of these software I'd think.
Not a lot firewalld can do here. Even a pop up message that says "XXXX
port needs to be opened in the firewall, open firewall configuration?"
would work IMO. 

At the moment, I need to search the web to find what ports each service
needs and open them up manually. 

Either these applications gain the capability to open these ports, or at
least properly document what ports need to be open.

Rygel, btw, uses a dynamic port via libsoup or something. The user has
to configure it to use a static port manually to start with :/

I really haven't looked at any of the source codes. This is from
personal experience and the on-going rygel issue which I was unfortunate
enough to run into.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=626188
[2] https://bugzilla.gnome.org/show_bug.cgi?id=699691

-- 
Thanks,
Warm regards,
Ankur (FranciscoD)

http://fedoraproject.org/wiki/User:Ankursinha

Join Fedora! Come talk to us!
http://fedoraproject.org/wiki/Fedora_Join_SIG

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20130911/cf136461/attachment.sig>


More information about the devel mailing list