Date: 05 Oct 2001 16:07:05 -0700 From: swear@blarg.net (Gary W. Swearingen) To: <freebsd-questions@FreeBSD.ORG> Subject: Re: FreeFirewall Message-ID: <jlbsjlk7om.sjl@localhost.localdomain> In-Reply-To: <000e01c14d76$4a206040$1401a8c0@tedm.placo.com> References: <000e01c14d76$4a206040$1401a8c0@tedm.placo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> >Such a firewall interface for FreeBSD would help to spread the OS > >to places where people would not otherwise consider using any kind > >of Unix because it is "too difficult". I think this is a Good > >Thing. > Except the only problem is that as you already pointed out, such a web-based > firewall interface already exists for Linux. Let the folks that need the > web interface to configure a firewall use that, then once they have graduated > from the firewall with training wheels then things like the GUI won't be as > important anymore. So they won't have use of some other good things about FreeBSD so they can use one Linux configuration tool? > You yourself graduated from the toy OS Linux to the professional OS FreeBSD. > Don't assume that nobody else can do it. It's not about "can"; it's about "want to" or "can or want to in the short time allotted by others or practicalities in the face of a hundred other things to do". > Which is going to benefit Free Software the most? Linux with a simplistic > firewall > that's GUI-runnable and FreeBSD with a professional, sophisticated, complex > and powerful firewall, or both OS's with simplistic firewalls that are > GUI-runnable and > neither OS with a professional, sophisticated, complex and powerful firewall? Free Software will benefit from people with interests in GUIs and user convenience doing their thing, people with interests in firewalls doing their thing, and both cooperating. > It's not our job to attempt to emulate the lowest common denominator (ie: > Linux) Of course it's your job to please yourself, but in considering features of software like FreeBSD it's more practically your (the collective your) job to compete in the marketplace of software which people (maybe even yourself) want to use because it has been given a good balance between consideration of SA time/efficiency and features/flexibility/ robustness/bugs. Hackers often spend too much time on the second part to produce software that will compete with, oh, say, most GUI software. Or do you not think "you" have any other job than to please your peculiar sensd of software esthetics, even it it means most of your work will sooner-than-necessarily find its way to the dustbin of computerdom? > Instead, we need to develop things that don't have a similar implementation in > Linux. In the same way that BeOS and a hundred other small-time OSes do. > Frankly, there's some fundamental design decisions that you have to make when > building firewalls that are web-based user-interfaced. One of the very first > is > that the web interface is aimed at people that don't know a lot - thus they > will > be confused if there's too many choices. Thus, you have to make the firewall > simple too. In fact the entire emphasis is on formatting the GUI so that > un-knowledgeable people can understand and use it. This is going right down > the Microsoft Windows path where eventually 95% of the program is the UI and > only 5% actually does anything. > Ultimately the users are better served if one of the OS's (Linux) just > concentrates on a firewall with a fancy GUI that's easily understandable, > while the other OS (FreeBSD) concentrates on a firewall that has some > flexibility. > Why divide effort? So FreeBSD users don't have to waste hours and days trying to learn and do things things that our computers should be doing for us. Leave us some time to do some original thinking instead of going through the same drudgery done by thousands of other SAs. Even a GUI that very much over-simplifies configuration will be OK for some, but a decent GUI configurator doesn't just give a fancy way to enter command options and arguments or config file data. When possible (in all that follows), it asks general questions that gets translates to specific data. It checks for incompatable selections, types, etc. It provides context-sensitive help where/when it's useful instead of a huge file of reference material. Of course, it allows as much flexibility as a config file as well. For one minor example, a decent GUI wouldn't require me to futz around with rule numbers to get things to happen in a desired sequence. If the GUI did nother else than take care of rule numbering after I move the rules around using the GUI and line-edit the rules, I"d call that helpful. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?jlbsjlk7om.sjl>