On Fri, 1 Aug 2003, Epps, Aaron M. wrote: PLEASE WRAP YOUR LINES at less than 80 characters per line. > This suggestion is for "Home Users"... If someone's a SysAdmin and you > have issues with figuring out Samba & IPTables then you shouldn't be > one. > > IPTables are enabled by default, how is a user going to know that they > have to stop the iptables service in order for Network Browsing to work? > > Also, I don't think just shutting off IPTables is a suitable solution, > and even if they did shut off IPTables how many people do you know that > have physical firewalls setup at home? If you also read my note, I >suggested prompting the user if they wanted to open these ports, not to > automagiclly go ahead an do it without their knowledge. Maybe a personal firewall approach is needed. Just like it pop-ups a yes/no dialog box for every outgoing or incoming connection such a program could pop-up and ask to allow incoming calls for certain listen ports. (The moment a program listens on a port an event is triggered) And then you can decide to allow it from a single address, a network range or decide to allow it on a case by case basis. That's probably what 'Home Users' would expect anyway. The current iptables firewall from Red Hat is a basic tool and limited in functionality. Kind regards, -- dag wieers, dag@xxxxxxxxxx, http://dag.wieers.com/ -- [Any errors in spelling, tact or fact are transmission errors]