> ----- Original Message ----- >> On Wed, 2014-02-19 at 08:47 -0500, Bastien Nocera wrote: >> > I think we should reconsider not having a firewall by default, and >> > providing firewalld >> > and a UI for it as an external installable system software. That >> > reflects on its current >> > level of integration in the desktop. >> >> This would be quite a shame, but I think it is reasonable to specify >> that a firewall in its default configuration may not interfere with the >> normal operation of programs installed by default (Nautilus, Totem, >> anything in the Sharing System Settings panel, ...). > > Be my guest. I doubt you'll be able to make it work when shares such as DAAP, > UPnP and number of others use random high ports that are blocked by the firewall > by default. Which means that each application needs to poke a hole in the firewall, > which means that it needs to use the Fedora specific and hard-to-use API[1] to do so. Isn't that the idea in general of what the UPNP IGD standard is suppose to implement, maybe adding support for something like gupnp-igd to speak with firewalld via dbus to use a slightly might at least generalise it from the api PoV peter -- desktop mailing list desktop@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/desktop
