Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 115149

Summary: net-firewall/kmyfirewall version bump to 1.0
Product: Gentoo Linux Reporter: Erinn Looney-Triggs <erinn.looneytriggs>
Component: New packagesAssignee: No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it <maintainer-needed>
Status: RESOLVED FIXED    
Severity: enhancement CC: kde
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Erinn Looney-Triggs 2005-12-10 19:40:18 UTC 
Version 1.0 of kmyfirewall has been released.
Thanks,
-Erinn
Here is a copy of the release notes:
Release Notes 
-------------

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Important: As the file format used to save the rulesets has changed,   !!!
!!! rulesets created with KMF < 1.0beta1 WILL NOT work, don't even try it! !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Since the last stable release KMF has been completely rewritten in order to be 
even more flexible and on the other hand easier to use.

New plugin framework

Most parts of the application has been rewritten introducing a plugin framework
that allows to add new IPTables rule option editors to be written within a few
hours (well maybe days depends on the options complexity :).  This will allow
us (and contributors) to easily implement the fast growing number of IPTables
ruleoptions without the need of understanding the whole application.

The backend generating the IPTables rules itself has been extended to allow the
registration of new rule options by defining them in an XML description file.
For a detailed description about how to write such plugins have a look at the
application handbook in the current CVS version.  So feel free to contribute
plugins, there are lots of options still not implemented.  


New Easy-To-Use platform independant interface

As I often got mails complaining about the to complex nature of KMF and the
very limited possibilities the wizard provides i simply removed the wizard and
implemented a completely new interface.  


Features of the new Interface

As the new interface works on an abstract descrioption of the generated rules
the new plugin structure allows us top implement script compilers that support
other firewalling backends than just netfilter/iptables.

To support a new tool kit it is required to write a compiler and an installer
plugin for the new framework. Currently just the iptables/linux compiler and
installer is implemented. As with the rule option plugins of the IPTables
interface it shouldn't bee too much work to develop those plugins.  


IPTables vs. Generic interface

The main difference between those two interfaces is that the new Generic
Interface is OS and toolkit independant while the IPTables interface is an
improved version of the well known KMF GUI and therefore tight bound to the
netfiler/iptables toolkit and can therefore only be used with Linux as
operating system.  


Why two different interfaces?

Especially when concerning security related applications you (as developer)
need to decide if you like to build an application used by expert users (e.g.
experienced system administrators) or if you like to provide a tool that
everybody can handle.

It hasn't been an easy decision to implement one interface for each user group
but after pondering about concepts to merge those two requirements into one
interface we decided that it is much better to seperate them.  This allows us
to concentrate on the wishes and wanted features for each of the user groups.




Reproducible: Always
Steps to Reproduce:
1.
2.
3.
Comment 1 Marcelo Goes (RETIRED) gentoo-dev 2005-12-12 10:24:44 UTC 
Bumped in cvs, thanks!