Hi, > change if you plug into a different subnet of the same router in the > same administrative domain (or it might not, depending on the model Solution could be to save ALL possible MAC adresses and associate them with that network...
> Perhaps the key should be a combination of various parameters, such as > subnet address/prefix length, gateway IP, and gateway MAC. I think we are talking about two things here. First option is that firewall is based on connection UUID. That means, when I use specific connection, firewall rules for that connection are enforced. The other option is to autodetect which network I am using. Something like: I am connected to a router with MAC1, that means I must use firewall setting for that network. For instance, if I am using "Auto eth0" that could be on my home network or in cybercafe - and I can use two diferent firewall scripts. Which means there is another possibility - user should have an option that NetworkManager automatically invokes firewall script based on predefined rules OR asks user which firewall script should invoke (and proposes the best one). Some paranoid setup should be like that... I have very restrictive default firewall, but when I connect to my home network, NM detects MAC address, router IP, etc. and then asks me whether I want to run firewall script 2 or not (but I can disable this question and firewall script 2 is automatically run). Regards, Matej _______________________________________________ networkmanager-list mailing list networkmanager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list