On Fri, 2010-03-12 at 10:49 +0530, Zubin Mithra wrote: > My name is Zubin Mithra and I am aspiring to get into GSoC on behalf > of Fedora. I wish to work on making a library for better iptables > management. Details can be viewed in the proposal which I have > attached along with the email. > > I would love to hear your views on it. Hi, I think that a CLI/library based approach for this is not really sufficient -- the main problem we currently have with iptables management is that user applications need to be able to request that certain rules are added, via PolicyKit. The user experience ought to be something like: click 'share this folder', dialog says "Oh, you need a firewall modification to allow that to work, shall I go ahead and do it?". We already have a mechanism for doing this, but the existing mechanism is quite crude. Take a look at the D-Bus service provided by system-config-firewall. This is the correct approach. I think it just needs making generally better by having an interface that is a bit more "idiot proof", i.e. some way to know whether the existing rules already do what the application needs without having to have lots of internal knowledge of system-config-firewall. Tim. */
Attachment:
signature.asc
Description: This is a digitally signed message part
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
