Re: The state of firewall management...

From: Marc Herbert <Marc Herbert gmail com>
To: networkmanager-list gnome org
Subject: Re: The state of firewall management...
Date: Wed, 15 Jul 2009 18:18:37 +0100

> Dan Williams wrote:
>> Firewall UI is a hard problem,

Firewall UI is a hard problem simply because firewalling is a hard
problem.  Firewalls are designed to protect entire networks. No
surprise using them for single hosts is overly complicated.

Ludwig Nussel wrote:
> Exactly. That's why SuSEfirewall2 allows packages to define what
> ports belong to a service so the user no longer needs to care about
> individual ports:
> http://en.opensuse.org/SuSEfirewall2/Service_Definitions_Added_via_Packages

Impressive. Fast-forwarding to the very last paragraph, one can see
the ideal user interface: a network service manager.
But instead of simply managing services directly, everything goes
through an indirect, complicated and useless "network ports" layer.
I can't wait for the support requests for little-known applications.
And for the "services/bittorrent" configuration file. And for the P2P
applications not invented yet. I can even see a potential for
consulting and money!

Yeah, yeah, I heard: the average desktop user absolutely needs to have
Samba, Apache and MySQL listening to "localhost" while on the move. So
finally shutting up now. Really. Sorry for all the spam.

References:
- Re: The state of firewall management...
  - From: Dan Williams
- Re: The state of firewall management...
  - From: Ludwig Nussel

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]