Re: [Setup-tool-hackers] Firewall Option?

From: Joakim Ziegler <joakim ximian com>
To: Burra <burra colorado edu>
Cc: setup-tool-hackers helixcode com
Subject: Re: [Setup-tool-hackers] Firewall Option?
Date: 15 Aug 2001 17:39:50 -0500

On 15 Aug 2001 11:19:03 -0600, Burra wrote:

> 1. Make the setup simple. (the preset hard coded rules way)
>   - you have a choice between firewall presets (5 levels in all)
>   - in the "more options" area you can: (customize the presets a bit)
>       + allow trusted systems (ACL)
>       + block evil systems (ACL)
>       + allow specific services (ftp, sshd, ntpd, etc)
>       + set special netfilter options (syn_flood, etc)
>       + set logging prefrences
> 2. Make the setup have an area where you can enter your own "raw rules".
>   - all the above features
>   - another dialog to insert your own "home grown" rules.
 
> Now, #2 makes the tool very complicated... much more code invloved. In
> addition, if some one knows how to create their own rules, then they must
> know how to use the command line tool and I don't want to rewrite the
> command line tool in GUI form (I see that as reinventing the wheel).
> I see #1 as the best option, much simpler and elegent. More of a tool for
> the beginner/moderate firewall user (which I beleve is the target user
> base).
> What do you guys think? Can you argue one way or the other? I'll take the
> way that gets the most positve response.

#2 isn't really a good option. "And for the advanced option, we just
supply a type-in field where the user can enter his own stuff" isn't
good GUI, it's kind of a cop-out.

I think #1 sounds like a good solution at the moment. On the longer
term, instead of doing #2, the right thing to do would be to completely
map out the useful functionality of the underlaying system, and then
create a good and intuitive UI for it. That is the correct and friendly
way of doing it.

-- 
    Joakim Ziegler - Ximian Engineer - joakim@ximian.com - Radagast@IRC
 FIX sysop - Free Software Coder - Writer - FIDEL & Conglomerate
developer
http://www.avmaria.com/ - http://www.ximian.com/ -
http://www.sinthetic.org/


_______________________________________________
setup-tool-hackers maillist  -  setup-tool-hackers@ximian.com
http://lists.ximian.com/mailman/listinfo/setup-tool-hackers

Follow-Ups:
- Re: [Setup-tool-hackers] Firewall Option?
  - From: Arturo Espinosa Aldama

References:
- [Setup-tool-hackers] Firewall Option?
  - From: Burra

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]