[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Pan-users] Re: OT: freedomware vs... Was: Building Pan onWindows?
From: |
Duncan |
Subject: |
[Pan-users] Re: OT: freedomware vs... Was: Building Pan onWindows? |
Date: |
Mon, 8 Mar 2010 00:39:49 +0000 (UTC) |
User-agent: |
Pan/0.133 (House of Butterflies) |
Rob posted on Sat, 06 Mar 2010 21:31:15 -0500 as excerpted:
> On Saturday 06 March 2010 02:23 pm, Joe Zeff wrote:
>> I used ZA back before I switched to Linux only, and I have nothing but
>> praise for it. The interesting thing is, not one of those programs
>> failed to run properly without Internet access.
FWIW, ZA Pro was I believe the last MSWormOS software I actually paid for,
before switching to Linux full-time. At the time, I was already planing
to eventually switch to Linux, was pre-checking all hardware upgrades for
Linux drivers (as I mentioned earlier, I unfortunately didn't groke the
difference between "Linux drivers" and "freedomware Linux drivers" at the
time, or I'd have never purchased that last nVidia card), and had
basically stopped purchasing MSWormOS based software, but I decided ZA Pro
was worth it for my needs, and it's a decision I don't regret. =:^)
> I actually really wish there was a ZoneAlarm, meaning a firewall that'll
> actually pop up interactive alerts when programs try to hit the Internet
> and allow me to confirm or deny them and set up white- and blacklists,
> for Linux. Not only for keeping proprietary Linux software honest, but
> also for when I need to try something out under Wine (maybe ZoneAlarm
> itself would run under Wine, but I'm not optimistic).
With the kernel based IPTables/Netfilter, it's possible to do, you'd just
need an appropriate front-end. There's quite a few firewall front-ends to
netfilter, and even more distributions designed to run it as a core piece
of a hardware firewall appliance/machine solution, but I don't know of any
with that level of X-based interactivity.
Using netfilter/iptables, it's actually almost trivial to setup an
incoming stateful firewall similar in firewall functionality to a NAPT
based hardware router (with automatically allowed replies to outgoing),
and to open port specific holes in it again similar to such a router. One
could setup an outgoing firewall as well using the same netfilter/iptables
core, similar to what the various Zone Alarm like apps do on MSWormOS, but
tracking and managing the allowed apps and setting up a system to remember
them for more than just a single session isn't anything like as trivial as
setting up that incoming stateful firewall, command-wise. Setting up
logging, and blocking individual apps based on the logs (thus black-list
based, rather than white-list), would be rather easier, and indeed is done
relatively routinely by various Linux sysadmins I'm sure, but that's not
the same as a white-list based system with a memory of what's allowed
beyond the current session, and /that/ isn't the same as designing and
coding a nice GUI to go with it, similar to what ZA does.
But I wonder... surely someone's thought of it and at least has made a
start at it?? Maybe one day I'll decide it's worth checking out
freshmeat, etc, and/or googling, to see. I believe it should be simple
enough that in theory, even a bash and kdialog/zenity/xdialog scripter
like me should be able to set it up, including the GUI, no "exotic" C/C++
or even "stronger scripting language" like python/perl/tcl/tk necessary
(tho it'd arguably be easier, better GUI, and faster responding on slow
hardware, than bash/?dialog, for those that know other languages).
--
Duncan - List replies preferred. No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master." Richard Stallman
- Re: [Pan-users] Re: Building Pan on Windows?, (continued)
- [Pan-users] OT: freedomware vs... Was: Building Pan on Windows?, Duncan, 2010/03/05
- Re: [Pan-users] OT: freedomware vs... Was: Building Pan on Windows?, Alan Meyer, 2010/03/05
- [Pan-users] Re: OT: freedomware vs... Was: Building Pan on Windows?, Duncan, 2010/03/06
- Re: [Pan-users] Re: OT: freedomware vs... Was: Building Pan on Windows?, Alan Meyer, 2010/03/06
- Re: [Pan-users] Re: OT: freedomware vs... Was: Building Pan onWindows?, Travis, 2010/03/06
- Re: [Pan-users] Re: OT: freedomware vs... Was: Building Pan onWindows?, Alan Meyer, 2010/03/06
- Re: [Pan-users] Re: OT: freedomware vs... Was: Building Pan onWindows?, Joe Zeff, 2010/03/06
- Re: [Pan-users] Re: OT: freedomware vs... Was: Building Pan onWindows?, Rob, 2010/03/06
- [Pan-users] Re: OT: freedomware vs... Was: Building Pan onWindows?,
Duncan <=
- Re: [Pan-users] Re: OT: freedomware vs... Was: Building Pan onWindows?, walt, 2010/03/07
- [Pan-users] Re: OT: freedomware vs... Was: Building Pan onWindows?, Duncan, 2010/03/07
- Re: [Pan-users] Re: OT: freedomware vs... Was: Building Pan onWindows?, Steven D'Aprano, 2010/03/06
- Re: [Pan-users] Re: OT: freedomware vs... Was: Building Pan on Windows?, Steven D'Aprano, 2010/03/06
- Re: [Pan-users] Re: OT: freedomware vs... Was: Building Pan on Windows?, Alan Meyer, 2010/03/06
- [Pan-users] Re: OT: freedomware vs... Was: Building Pan on Windows?, Duncan, 2010/03/07
- Re: [Pan-users] Re: OT: freedomware vs... Was: Building Pan on Windows?, walt, 2010/03/07
- Re: [Pan-users] Re: OT: freedomware vs... Was: Building Panon Windows?, Travis, 2010/03/07
- [Pan-users] Re: OT: freedomware vs... Was: Building Panon Windows?, Duncan, 2010/03/07
- Re: [Pan-users] Re: OT: freedomware vs... Was: Building Panon Windows?, walt, 2010/03/07