Description: Knetfilter is a KDE frontend to iptables. It is used with Linux 2.4 to manage the functionality of netfilter. Knetfilter lets you set up most common firewall configurations, as well as perform more sophisticated management of a complex firewall. It is also possible to use an integrated interface to tcpdump and nmap.
hehe
one of the last guy still using old school xosview....
I've loved that application for so long,... its not even include anymore on distribution CD :)
well, thats great...
hey about your knetfilter,... i was thinking earlier myself doing my own firewall application for KDE. but I've been told that I would have to modify ipchains/iptables or even create a replacement firewall software for them.
I'm thinking about something more user oriented that would sit in the kicker systray and just popup a window when a connection is coming. that would allow default settings to be blocking everything and allowing the user to unblock what he wants one connection at the time.
that would be great isn't it ?
maybe you would be interrested.
I run my own iptables commands, but I do think that's a great idea to help new Linux users (or lazy ones). Sounds like a Linux version of Zone Alarm, and I think it would help the Linux desktop advancement even more.
you right !!!
but even more, its not only lazy people and new comers who need a zone alarm like application. i think its every user which need a firewall.
I run ipchains/tables on my server too. it does the job really well for server. you know what you want to allow/deny, you write the rules, either with a GUI app or with vim :) and works done.
for desktop, its not the same thing. at the start, you have no idea what your need really is. which port which protocol/application use. and when you try something else, you want to be NOTIFIED that the application is trying to established some sort of connection.
allow it or not.
so basically, we need something that BLOCK EVERYTHING, and then query the user when ever a connection happen.
but i think iptables does not allow to suspend a connection, wait for an answer and then allow or drop it. that the problem,.... HOPEFULLY I AM WRONG. but if I am right, we need either to modify iptables or to create a new firewall engine from scratch.... which would be really ..... exhaustive ;)
well, ideas are welcome, but KDE need a firewall.
Good news: you're wrong ;-)
Iptables allows for packets to be queued for userland processing using the QUEUE target. Some program can then decide whether to drop the packet or to accept it.
I think this kind of application is definitely interesting from a desktop user's point of view, and I'd like to help implement something like this. Would you be interested in working with me? Unfortunately I have close to no experience in KDE development, but I would concentrate on the lower-level things.
Please contact me if you're interested.
Marc
Ratings & Comments
5 Comments
hehe one of the last guy still using old school xosview.... I've loved that application for so long,... its not even include anymore on distribution CD :) well, thats great... hey about your knetfilter,... i was thinking earlier myself doing my own firewall application for KDE. but I've been told that I would have to modify ipchains/iptables or even create a replacement firewall software for them. I'm thinking about something more user oriented that would sit in the kicker systray and just popup a window when a connection is coming. that would allow default settings to be blocking everything and allowing the user to unblock what he wants one connection at the time. that would be great isn't it ? maybe you would be interrested.
[xosview] It's included in Suse 9
I run my own iptables commands, but I do think that's a great idea to help new Linux users (or lazy ones). Sounds like a Linux version of Zone Alarm, and I think it would help the Linux desktop advancement even more.
you right !!! but even more, its not only lazy people and new comers who need a zone alarm like application. i think its every user which need a firewall. I run ipchains/tables on my server too. it does the job really well for server. you know what you want to allow/deny, you write the rules, either with a GUI app or with vim :) and works done. for desktop, its not the same thing. at the start, you have no idea what your need really is. which port which protocol/application use. and when you try something else, you want to be NOTIFIED that the application is trying to established some sort of connection. allow it or not. so basically, we need something that BLOCK EVERYTHING, and then query the user when ever a connection happen. but i think iptables does not allow to suspend a connection, wait for an answer and then allow or drop it. that the problem,.... HOPEFULLY I AM WRONG. but if I am right, we need either to modify iptables or to create a new firewall engine from scratch.... which would be really ..... exhaustive ;) well, ideas are welcome, but KDE need a firewall.
Good news: you're wrong ;-) Iptables allows for packets to be queued for userland processing using the QUEUE target. Some program can then decide whether to drop the packet or to accept it. I think this kind of application is definitely interesting from a desktop user's point of view, and I'd like to help implement something like this. Would you be interested in working with me? Unfortunately I have close to no experience in KDE development, but I would concentrate on the lower-level things. Please contact me if you're interested. Marc