RFE: FireKit

[Ahmed Kamal]

Hi,

Here's a RFE for FireKit, a firewall desktop "kit". What this does is:
1- Exposes a dbus interface for applications to programatically open/close
ports
2- Monitors as new daemons/applications that listen on non lo interfaces are
started, checks if iptables is currently blocking them, and if so, warns the
user that application X is currently blocked by the firewall

User Experience:
=======
1- Joe wants some help from his co-worker, he shares his Gnome desktop
through vino. Vino kicks FireKit to ask Joe if he would like to open port
5900, and asks for a period of time. Joe selects yes, and chooses 30
minutes. FireKit instructs iptables to open that port, and waits for 30
mins.
2- Sally wants to share last night's photos with her team. She drops the
photos in /var/www/html, and starts apache. While apache does not know about
FireKit, FireKit still detects that port 80 is now listening on 0.0.0.0,
FireKit pops a notification that process "apache" is listening on port 80,
and is being blocked by the firewall. FireKit asks Sally if she'd like to
open port 80, and for how long. Sally accepts and chooses 5 hours

I'm no hot shot developer, so I am not quite sure about which architecture
is best, or details about integration with policy-kit, however, this seems
to me like a really missing integration point on the free desktop front.
Comments and opinions are welcome.

Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20090723/8281c746/attachment.htm>