Re: Services automaticly change firewall rules to open access to themselfs.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 20.08.07 15:19, David Hollis (dhollis@xxxxxxxxxxxxxx) wrote:

> 
> On Mon, 2007-08-20 at 12:33 -0500, Arthur Pemberton wrote:
> > > I run custom firewall rules.  If you can get this idea to play
> > nicely with
> > > my custom script, and with Shorewall setups, and with
> > s-c-securitylevel,
> > > go for it.  But I'm highly sceptical.  If installing squid blows up
> > my
> > > custom firewall settings, I'm getting out my pitchfork. :)
> > >
> > 
> > Hence why I suggest doing this through s-c-secuirtylevel so that that
> > functionality can centrally be disabled 
> 
> I think the ideal solution would be to use existing protocols (UPnP,
> NAT-PMP) to talk to a daemon (avahi-daemon for example) that is
> configured with basic policy settings (accept requests from this user,
> IP, interface, etc) and could also talk on DBUS for GUI prompt type
> stuff.  The daemon would have config options to specify what chains to
> alter, so that it can be made to work with other firewall scripts easily
> and obtrusively.   By using existing protocols, the exact same mechanism
> can work with home routers and such, and likely even SOHO
> 'firewalls'.

Actually someone has started to work on a NATPMP client and server for
inclusion in Avahi:

http://web.midg3t.net/blog/

He usually lurks as "tedp" on #avahi on freenode.

Lennart

-- 
Lennart Poettering                        Red Hat, Inc.
lennart [at] poettering [dot] net         ICQ# 11060553
http://0pointer.net/lennart/           GnuPG 0x1A015CC4

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux