[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: RFE: FireKit
- From: Adam Miller <maxamillion gmail com>
- To: Development discussions related to Fedora <fedora-devel-list redhat com>
- Subject: Re: RFE: FireKit
- Date: Fri, 24 Jul 2009 10:39:51 -0500
On Fri, Jul 24, 2009 at 10:34 AM, Colin Walters<walters verbum org> wrote:
<SNIP>
>
> Backing up a minute, in discussions among the desktop team and other
> people about this, one thing that came up as a specific problem with
> having no firewall at all was the "public WiFi hotspot" case. If for
> example I enable desktop sharing before leaving work, then head to the
> airport, and log on there to WiFi, you really don't want the desktop
> sharing still enabled. Nor likely do you want sshd.
>
> In most of the other cases I can think of though, the firewall is
> either a hindrance (trusted network at home or office), or pointless
> (connected via 3G modem).
>
> Which leads me to think that rather than being based on individual
> ports and time, we just need a nice way to globally toggle the
> firewall. And that could come down to marking networks as explicitly
> trusted in NetworkManager, say.
<SNIP>
Might we want to look at having "firewall profiles" such that
different sets of rules can be applied based on environment?
Also, is this planned to modify /etc/sysconfig/iptables and just
restart the service or is the plan to take a FireStarter approach and
be a substitute for /etc/sysconfig/iptables?
-Adam
--
http://maxamillion.googlepages.com
---------------------------------------------------------
() ascii ribbon campaign - against html e-mail
/\ www.asciiribbon.org - against proprietary attachments
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]