On Mon, Oct 09, 2006 at 09:54:07AM -0400, Dan Williams wrote:
> I'd think it was somewhat outside the scope of NM, but it's certainly in
> the scope of a firewall control tool.  There's already a need for a
> system-wide service to manage firewall stuff, David Zeuthen has already
> written about this but I can't find it at the moment.
> In any case, the problem is with things like gnome-user-share.  It's
> awesome, but it requires you to turn off the firewall, or use a tool
> like firestarter to help you out.  Now, if that tool could request a
> specific port be opened automatically (subject to approval and/or some
> other security policy of course!) things would Just Work much better.
> That's likely the best place for this sort of thing, be it NAT-PMP,
> UPnP, or the older Rendezvous thing that does the same thing.

NAT-PMP _is_ the older rendezvous thing. ;-) The protocol apple uses in
it's AirPort devices. just for clearing this: it's not about controlling
local iptable but talking to the router which does the port forwarding.

it's not very wide deployed but at the moment all clients to the
communication with the NAT-PMP router on their own. a central
(dbus-controlled) service would be a benefit I think, but maybe that's
really outside the scope of NM and should be implemented in another


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]