FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Development

LinkBack Thread Tools
Old 03-12-2010, 03:19 PM
Tim Waugh
Default GSoC 2010 : Better iptables management

On Fri, 2010-03-12 at 10:49 +0530, Zubin Mithra wrote:
> My name is Zubin Mithra and I am aspiring to get into GSoC on behalf
> of Fedora. I wish to work on making a library for better iptables
> management. Details can be viewed in the proposal which I have
> attached along with the email.
> I would love to hear your views on it.


I think that a CLI/library based approach for this is not really
sufficient -- the main problem we currently have with iptables
management is that user applications need to be able to request that
certain rules are added, via PolicyKit.

The user experience ought to be something like: click 'share this
folder', dialog says "Oh, you need a firewall modification to allow that
to work, shall I go ahead and do it?".

We already have a mechanism for doing this, but the existing mechanism
is quite crude.

Take a look at the D-Bus service provided by system-config-firewall.
This is the correct approach. I think it just needs making generally
better by having an interface that is a bit more "idiot proof", i.e.
some way to know whether the existing rules already do what the
application needs without having to have lots of internal knowledge of


devel mailing list

Thread Tools

All times are GMT. The time now is 12:53 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org