----- Original Message ----- > On Wed, 2014-02-19 at 08:47 -0500, Bastien Nocera wrote: > > I think we should reconsider not having a firewall by default, and > > providing firewalld > > and a UI for it as an external installable system software. That > > reflects on its current > > level of integration in the desktop. > > This would be quite a shame, but I think it is reasonable to specify > that a firewall in its default configuration may not interfere with the > normal operation of programs installed by default (Nautilus, Totem, > anything in the Sharing System Settings panel, ...). Be my guest. I doubt you'll be able to make it work when shares such as DAAP, UPnP and number of others use random high ports that are blocked by the firewall by default. Which means that each application needs to poke a hole in the firewall, which means that it needs to use the Fedora specific and hard-to-use API[1] to do so. This needs redesigning from the ground up, with the users and application developers as the point of focus. [1]: See firewalld.dbus -- desktop mailing list desktop@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/desktop
