On 07/23/2009 09:16 PM, Ahmed Kamal wrote:
Hi,
Here's a RFE for FireKit, a firewall desktop "kit". What this does is:
1- Exposes a dbus interface for applications to programatically
open/close ports
2- Monitors as new daemons/applications that listen on non lo
interfaces are started, checks if iptables is currently blocking them,
and if so, warns the user that application X is currently blocked by
the firewall
User Experience:
=======
1- Joe wants some help from his co-worker, he shares his Gnome desktop
through vino. Vino kicks FireKit to ask Joe if he would like to open
port 5900, and asks for a period of time. Joe selects yes, and chooses
30 minutes. FireKit instructs iptables to open that port, and waits
for 30 mins.
2- Sally wants to share last night's photos with her team. She drops
the photos in /var/www/html, and starts apache. While apache does not
know about FireKit, FireKit still detects that port 80 is now
listening on 0.0.0.0, FireKit pops a notification that process
"apache" is listening on port 80, and is being blocked by the
firewall. FireKit asks Sally if she'd like to open port 80, and for
how long. Sally accepts and chooses 5 hours
I'm no hot shot developer, so I am not quite sure about which
architecture is best, or details about integration with policy-kit,
however, this seems to me like a really missing integration point on
the free desktop front. Comments and opinions are welcome.
Regards
To me it seems like a great idea, but your usual computer user
does not really know about Apache and ports, IP's and the like. Other
than that, if you need help, ask. What language do you intend to
implement this in?
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
