Re: F21 System Wide Change: Workstation: Disable firewall

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2014-04-15 at 20:41 +0200, Thomas Woerner wrote:

> >
> > What you need is clearly different "zones" that the user can configure
> > and associate to networks, with the default being that you trust nothing
> > and everything is firewalled when you roam a new network.
> >
> We have that already with zones in firewalld.

Kindof. If I open the network panel and find the 'Firewall zone' combo,
I am presented with a choice of:
Default
block
dmz
drop
external
home
internal
public
trusted
work

This list is far too long, and none of it is translated or even properly
capitalized. And there is no indication at all why one would choose any
zone over any other, and what consequences it has.

So, what you have currently is a raw bit of infrastructure that is
directly exposed to the end user, without any design or integration.

> 
> The limitations in gnome 3 are:
> - Applets are not easily visible in the desktop.
> - An applet is not always visible, even if the state in the applet is to 
> be visible.
> - Sending out notifications is prohibiting the use of left and right 
> mouse button menus: While the notification is visible, a left and right 
> mouse button click on the applet only shows the notification.
> - After closing an notification sent out by the applet, the applet is 
> made invisible in the tray with a still visible state in the applet. Not 
> even a hide and show will make it visible anymore.
> - Left and right mouse button menus are loose in the desktop and are not 
> visibly connected to the applet, it is not visible any more after 
> clicking on it.

GNOME doesn't have applets anymore, so complaining that your applet
doesn't work great in GNOME is missing the point. 

I don't think we want a 'firewall' UI anyway; the firewall is not
something most users can or should understand and make decisions of. 

What I envision is that we will notify the user when we connect to a new
network, with a message along the lines of:

You have connected to an new network. If this is a public network, you
may want to stop sharing your Music and disable Remote Logins.
[Turn off sharing] [Continue sharing] [Sharing Preferences...]

And we will remember this for when you later reconnect to the same
network.

When we have this infrastructure, we can use this information to also
set the network zone to Home/Public - I don't think the long list of
zones I showed above makes any sense. Either you are at home and
comfortable sharing the network, or not.

I've filed a bug for this:
https://bugzilla.gnome.org/show_bug.cgi?id=727580


Matthias

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux