does not really know about Apache and ports, IP's and the like.
Exactly the point, the user shares his desktop, or starts some service using the services GUI, and FireKit should offer to help. Moreover, this actually would improve desktop security, since without FireKit, a typical user after wasting half an hour, would understand it was the firewall blocking him, and would simply disable it for good. This happens on any OS. However, with FireKit, pro-actively offering to help the user, and requesting by default a limited time-window for opening the ports, actually ensures a better desktop security
Other than that, if you need help, ask.
I do :) I'm not sure how this should integrate with policy-kit for allowing which users should be able to control the firewall. Should FireKit launch its own daemon that runs all the time, or is there some other way. How to control iptables without running shell commands, and how to hook on ports creation events. I guess I should be using some python RTNETLINK bindings, any ideas?
Any examples, design decisions, and pointers to code samples to make my life easier, are highly appreciated
What language do you intend to implement this in?
But of course python ;)