Bug 336201 – Use firewalld to poke a hole in the firewall

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 336201 - Use firewalld to poke a hole in the firewall


Summary:	Use firewalld to poke a hole in the firewall


Status:	RESOLVED NOTGNOME

Product:	gnome-user-share
Classification:	Core
Component:	webdav
Version:	0.9
Hardware:	Other Linux

Importance:	Normal enhancement
Target Milestone:	---
Assigned To:	gnome-user-share maintainers
QA Contact:	gnome-user-share maintainers

URL:
Whiteboard:

Duplicates:	522442 (view as bug list)
Depends on:
Blocks:

Reported:	2006-03-27 15:17 UTC by Christian Nolte
Modified:	2014-06-25 15:33 UTC

See Also:
GNOME target:	---
GNOME version:	---

Attachments
Mockup of advanced option integration into properties dialog (13.37 KB, application/x-glade) 2006-03-27 17:23 UTC, Christian Nolte	Details

Description Christian Nolte 2006-03-27 15:17:45 UTC

Currently gnome-user-share creates a httpd-server listening on some random high-level port. This is fine until one uses a firewall. The port on which the httpd is listenig should be configurable by the user (perhaps in some advanced options), so that the port could be opened on the firewall because it is then known. It is no good idea to force the user to drop shields...

Comment 1 Christian Nolte 2006-03-27 17:23:37 UTC

Created attachment 62135 [details]
Mockup of advanced option integration into properties dialog

I have done a quick mockup based on the original .glade file to better understand what I mean. If the user enters a port in the advanced options of the properties dialog, this would override the actual behaviour. Of course a checking of the port must be done and in case an error occurs the user must be informed about the problem.

Comment 2 Alexander Larsson 2006-04-19 10:46:21 UTC

This sounds like a good idea to me. Anyone wanna work on it?

Comment 3 Bastien Nocera 2008-03-11 11:45:42 UTC

I'd rather not have any configuration of the sort in gnome-user-share. What would be better, would be a PolicyKit integrated service that would punch holes in the firewall for us, and plug them when the application goes away.

Comment 4 Bastien Nocera 2013-02-21 10:39:25 UTC

*** Bug 522442 has been marked as a duplicate of this bug. ***

Comment 5 Gendre Sébastien 2013-03-09 01:27:46 UTC

Like Bastien Nocera said, no need changes in the UI. 

Simply, if firewalld is enabled when user allow the sharing with httpd, send a request by DBus to firewalld for open the using port. And when user stop the sharing with httpd, send another request to close the using port.

Really, no changes need in the UI.

Comment 6 Bastien Nocera 2014-06-25 15:33:08 UTC

Will be fixed in the next version of Fedora, see:
http://www.hadess.net/2014/06/firewalls-and-per-network-sharing.html