I'm retired firestarter, I picked it up recently as it was orphaned but as we are moving towards PolicyKit and there's no upstream to assist with the port and after a discussion we had here on the list I decided it was time to retire it. Now, with that being said, I have some users on the firestarter-users mailing list that have some features they would like to request and I wanted to pose a couple questions here in respect to their requests and find out if others feel that these requests are feasible and/or are even in the scope of system-config-firewall. 1) Cisco VPN I don't use this myself but I was told it just needs these rules, so I don't see a big issue here: $IPT -A FORWARD -i $IF -o $INIF -p udp --dport 500 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT $IPT -A FORWARD -i $IF -o $INIF -p tcp --dport 500 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT $IPT -A FORWARD -i $IF -o $INIF -p 50 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT $IPT -A FORWARD -i $INIF -o $IF -p 50 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT 2) Auto setup of "Internet Sharing", so autoconfig of dhcpd and providing a bridge between WAN and LAN. This is one that I'm not entirely sure there is really in the scope of system-config-firewall and might need to be its own utility. Those are really the only two that have been reported to me, just looking for advisement from the group before I go off and start trying to hack something together. Thanks, -Adam -- http://maxamillion.googlepages.com --------------------------------------------------------- () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
