[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: RFE: FireKit



On Fri, Jul 24, 2009 at 10:34 AM, Colin Walters<walters verbum org> wrote:
<SNIP>
>
> Backing up a minute, in discussions among the desktop team and other
> people about this, one thing that came up as a specific problem with
> having no firewall at all was the "public WiFi hotspot" case.  If for
> example I enable desktop sharing before leaving work, then head to the
> airport, and log on there to WiFi, you really don't want the desktop
> sharing still enabled.  Nor likely do you want sshd.
>
> In most of the other cases I can think of though, the firewall is
> either a hindrance (trusted network at home or office), or pointless
> (connected via 3G modem).
>
> Which leads me to think that rather than being based on individual
> ports and time, we just need a nice way to globally toggle the
> firewall.  And that could come down to marking networks as explicitly
> trusted in NetworkManager, say.
<SNIP>

Might we want to look at having "firewall profiles" such that
different sets of rules can be applied based on environment?

Also, is this planned to modify /etc/sysconfig/iptables and just
restart the service or is the plan to take a FireStarter approach and
be a substitute for /etc/sysconfig/iptables?

-Adam

-- 
http://maxamillion.googlepages.com
---------------------------------------------------------
()  ascii ribbon campaign - against html e-mail
/\  www.asciiribbon.org   - against proprietary attachments


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]