On 11/06/2012 04:26 PM, Thomas Woerner wrote:
On 11/06/2012 01:07 AM, Chuck Forsberg WA7KGX N2469R wrote:
The new firewall replaces the old "trusted interface" with
multiple "zones" . This would be fine if one could easily
tell which zone each network interface was in and
make changes.
firewalld is not selecting the zone for an interface related to a
connection. NetworkManager does this. The zone is set in the ifcfg
config file, if it is not the default zone.
The only to change an interface's zone is with an arcane
firewall-cmd incantation.
There is a patch for the gtk nm-connection-editor to add a very simple
selection menu for connections. The NM connection editor in KDE is
providing support for this already.
This has been integrated into network-manager-applet upstream and should
hit Fedora soon. Within nm-connection-editor the zone for interfaces
related to a connection can be changed.
Given the new concepts of persistence and zones, the
admin>firewall applet needs to present these concepts
to the user in a clearly intuitive, easy to change way.
Ok, the firewall-applet should provide information on how to do change
zones for connections, I agree.
The current view should be radio buttons.
Each interface should have a selector for which zone
it should be in. Finally, do we need so many zones?
A default of two zones should suffice and be more
understandable. At least don't show zones that aren't used.
There are the base zones: block, drop, public, work and trusted. The
other zones have been added on request. You can also add own zones
according to your needs.
Thomas
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
