ZeroConf in Ubuntu Edgy

Scott Dier dieman at
Tue Jul 4 00:38:03 BST 2006

Tobias Wolf wrote:
> In that case the Ubuntu target audience is clearly of limited scope.
> Just at the Howto instructions on the forums. You’ll find a port opening
> fest. Should they all go elsewhere instead? Or should they get hacking
> iptables by hand if they really want to open ports?

It's not just a matter of 'fire up a firewall, that fixes the problem'. 
  Nomadic machines do not currently have a great way of saying what 
networks are 'trusted' and which ones are not.  Adding another option to 
nm sounds like a great idea, but how do I explain it to a user?  How do 
they know what they are enabling/disabling per network?  What services 
should be triggered on/off with this switch and should a pile of network 
services be handled by an alternate method than init rather than using a 
firewall?  How do you configure it so these services can still be 
operated without this special service on 'server' machines, too?  How 
does it work when someone has 2 interfaces up, one to a local net 
(trusted) and one to a WAN (untrusted) (ie: gprs and ethernet to a 
customer site)?  There isn't a great way to tell iptables that an 
interface is in a specific profile, so all this stuff would need to be 
changed on the fly with the iptables route.

I think it needs a lot of serious discussion to develop it into a spec 


Scott Dier <dieman at>

More information about the ubuntu-devel mailing list