> > > I think that the technology should be extensible. But I think that
> > > the 'client' application should be cross platform. Some people would
> > > enjoy this kind of interface. But they do not choose to or want to
> > > run Windows.
> >
> > I agree, it should be cross-platform. But my coding expertise limit
> > my contribution to win32 and some small scripting. we could have two
> > or more identical clients, for each platform.
>
[snip]
>
> > the remote client idea's purpose was to use ssh, that would not be as
> > secure as a local shell, and it would be used from the lan, the only
> > danger in it would be dsniff! but... what can we do about it?
The local-client can access the same info the remote-client
would access, though. So why not have it access the material in the
same way: SSH. That "configuration interface" on the firewall, the
one that's exchanging the config info with the config utility, is just
acting as a network transfer agent, really. What you *do* with the data
(that is, what you display for the end-user after you know the details),
is much more arbitrary. This enables multi-platform configuration
clients pretty straightforwardly.
Regarding having a Windows-specific one, IMO I think having
it is valuable for one big reason: when the firewall is *first* booted,
it's probably not going to be able to get online to reach any 'remote
config' utility. Just too many variables: DHCP, PPPoE, static-IP, etc.
The LAN side, though, is less of a tangle. Just have to
boot the NIC and find the LAN-side address range. So I envision a
situation where the user boots the firewall for the first time,
and turns on a LAN-machine to run some initial setup configuration.
Realistically, 90-percent of the LAN machines are running Windoze:
having a 'Setup Wizard' then would be really useful. If it's not that
sorta LAN, then we don't have to worry: that admin will be comfortable
at the firewall console.
-Scott
_______________________________________________
Leaf-devel mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-devel
