On Tue, Dec 07, 2010 at 09:50:22AM +0000, Tim Waugh wrote: > If the CUPS snmp backend could say to "the firewall", "hey, please allow > responses on this port I've got for the next few seconds" -- which can > be controlled using PolicyKit -- then this network discovery would > finally work. Is there a compelling reason for this not to be: - cups snmp backend says to "the firewall", "hey, please allow responses on this port I've got" - cups snmp backend listens for responses until timeout - cups snmp backend says to "the firewall", "hey, I'm done now. thanks!" That seems more helpful than "a few seconds" anyway. And worst case is that the snmp backend crashes or otherwise forgets to remove its rule, which shouldn't be terribly severe since then it won't be listening, either. Some other point the the cups startup/stop process could make sure any such leftover rules are cleared just to be sure. I have no problem with the mechanism for talking to the firewall being some PolicyKit-enabled helper program. I just don't see a strong argument for it being a daemon. -- Matthew Miller <mattdm@xxxxxxxxxx> Senior Systems Architect -- Instructional & Research Computing Services Harvard School of Engineering & Applied Sciences -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
