[Florian Reitmeir] >> But anyway, I dont think Debian Edu should ship low level firewall scripts >> based on iptables. Thats way too complicated and error-prone. Instead I'd >> suggest we use a shorewall based solution. > > or "ferm"
Or something else. :) I am sure we find a good system to implement the rules we want to implement. But before we start there, we need to agree on how such limitations should behave. I have a few wishes: - Dynamically enabled and disabled for hosts and users at runtime, based on information in LDAP (netgroups?). - Make sure multimedia web sites keep working. I am sure there are other features we need to implement as well. :) Should it be opt-in or out (as in, should users and hosts have full access and group membership enable limitations, or have no access, and group membership disable limitations)? Happy hacking, -- Petter Reinholdtsen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
