Re: NAT-PMP?

[Dan Williams <dcbw redhat com>]

On Mon, 2006-10-09 at 11:12 +0200, Fabian Zeindl wrote:
> Hi,
> 
>  there's a protocol NAT-PMP which can be used by NATted clients to
> "request" portmapping from their firewall. It should supersede UPnP by
> Microsoft, as it's easier, more secure and ..  er .. "more standard".
> (http://files.dns-sd.org/draft-nat-port-mapping.txt)
> 
> Several Apple products support it already and also several clients
> (Azureus for example) thought their is no opensource daemon at the
> moment, which will be no problem to write.
> 
> 
> I wonder if it's in networkmanager's scope to support NAT-PMP to be able
> to "talk to NAT-PMP routers" on request by clients. So not every client
> has to implement the NAT-PMP protocol, but can just send a DBUS-message
> to networkmanager which does the trick.
> 
> what do you think?

I'd think it was somewhat outside the scope of NM, but it's certainly in
the scope of a firewall control tool.  There's already a need for a
system-wide service to manage firewall stuff, David Zeuthen has already
written about this but I can't find it at the moment.

In any case, the problem is with things like gnome-user-share.  It's
awesome, but it requires you to turn off the firewall, or use a tool
like firestarter to help you out.  Now, if that tool could request a
specific port be opened automatically (subject to approval and/or some
other security policy of course!) things would Just Work much better.
That's likely the best place for this sort of thing, be it NAT-PMP,
UPnP, or the older Rendezvous thing that does the same thing.

Dan

> greetings
> fabian zeindl
> 
> _______________________________________________
> NetworkManager-list mailing list
> NetworkManager-list gnome org
> http://mail.gnome.org/mailman/listinfo/networkmanager-list