The state of firewall management...

[Graham Lyon <graham lyon gmail com>]

Hi,

I'm wondering what the plan of action is towards management of firewalls on the desktop. Is this something that NetworkManager should do? I think so. Firewalls, for the average end user, should "just work". A great many linux distros don't come with a firewall configured by default and there is no default mechanism for interfacing with a firewall and opening ports etc for any software to use. I'm interested in developing a system to allow NM to identify a network, ask the user to classify this network if it has never been visited before, and then act accordingly (users of Windows Vista will recognise this process). I think it's needed as the average enduser will not give themselves a proper firewall configuration. Ever.

I have some thoughts about how this might be implemented (several possibilities, infact) and I'd be happy to share/discuss them here before I actually start working towards an implementation. So, before I go ahead and write a long email detailing all my thoughts I'm just curious as to what the overall state of firewall management is as far as NM is concerned (is someone working on it, is it considered not the duty of NM, etc)?

-Graham