On Sat, 2011-03-05 at 17:55 +0100, Matej Kovacic wrote: > Hi, > > > We've talked about this sort of vague plan in the past, tweaking the > > firewall settings based on your location. Obviously that doesn't work > > so well for wired because you're never 100% what network you're > > connected to, but for wifi if the AP requires a passphrase or is WPA > > Enterprise, you're pretty sure you can trust your location. > What about arp -a or nmap gateway IP? > > > The UUID goes a long way towards helping with this, but there are > > fundamentally two approaches: either we have some sort of NM plugin > > manipulate the firewall, or we have the firewall listen to NM... either > > are doable. > The second approach requires modification of a firewall: firewall must > be "NetworkManager aware". That could be a problem, because NM and > firewall development should be coordinated in some way (maybe harmonised > is a better word).
This is true... I think there's a great opportunity here to make firewalls more network aware as we've all been discussing; we just need to either think more about it, or jump in and start making things happen... any takers? Same sort of thing with network proxies, which clearly depend on the network you're connected to, which NM knows a lot about. I think they're pretty much the same problem and would have very similar solutions. Dan _______________________________________________ networkmanager-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/networkmanager-list
