[Wifidog] Version 1.0
Alexandre Carmel-Veilleux
saruman at northernhacking.org
Thu Apr 22 22:54:41 EDT 2004
On Thu, Apr 22, 2004 at 07:24:37PM -0400, Philippe April wrote:
>
> If you can afford to say "probably not", maybe you could look at how it
> should get done and suggest :) Since you have exposure to ipf and all of
> those, maybe you can find a way that'll be easily portable.
Heh ;-). I have a few ideas, including generating the firewall
scripts on the fly (or at start-up...) We could have a generation module
per firewall type. Simpler then using APIs and more versatile on a
platform where we don't have an advanced scripting language available.
The generators would be mostly fprintf's.
Added to this, we shift as much work to the firewall script,
maybe even one script.
API side I'm not sure. Maybe we should only have one funtion,
fw_ctl() whose first argument is a flag that says something like
"FW_CLEANUP", "FW_ADD", "FW_DELETE", "FW_STAT"... Kind of like ioctl().
This would work especially well with a single firewall script.
> Ok let's focus on 1.0 with almost no custom stuff, then we'll debate on
> this. I thought a mix would be good and I think we all agree about this
> (local policies AND remote).
That is something I can agree with. Let's get something into
early production.
> Someone has to come up with a diagram explaining the classes, the groups,
> etc.
Definately. I'll try and see if I can squeeze it in.
Alex
-------------- next part --------------
_______________________________________________
Wifidog mailing list
Wifidog at isf.waglo.com
http://isf.waglo.com/mailman/listinfo/wifidog_isf.waglo.com
More information about the Wifidog
mailing list