Skip to content
Bhakti Bhikne edited this page Jan 24, 2017 · 64 revisions

Notes

https://github.com/cockpit-project/cockpit/issues/1094

Trello Card

Firewall feature comparisons and screenshots

Stories

As a system admin,I want to be able to block and unblock ports ,so that I can allow/block certain applications on my system.

As an experienced system admin,I want to monitor and control incoming and outgoing traffic,so that I can optimise performance and block or delay datagram packets.

As a system admin,I want to be able to troubleshoot the errors encountered while using the system so that I know the cause of the errors.

As an inexperienced system admin,I want to allow only web servers and SSH so that all other applications are blocked.

Rolando D. Price is a junior system administrator. He has trouble accessing a HTTP webserver. He realises that port 80 is blocked by the firewall.He discusses this with his senior system administrator,Mike R. Stephens. Mike and Rolando discuss that they should configure the settings while setting up the network. They can block and unblock ports to allow or block certain applications. Mike points out that he can also monitor and control incoming and outgoing traffic to the network. In case of any errors arising,Rolando and Mike should be able to troubleshoot the errors and get to the root cause of it.

Workflows

Rolando logs in to the server using Cockpit.Rolando identifies the ports required for accessing the web server applications. He allows only these specific ports and blocks remaining ports. Mike also sets up the firewall log to monitor the incoming and outgoing traffic.

When an error arises,Rolando and Mike have the option to either dismiss or troubleshoot the error. On choosing troubleshooting,the firewall should show a possible solution and the cause of the error.

Wireframes

Inkscape Mockup: A) Add-port Inkscape Mockup: Add-port ( SVG ) Add-port(with error states) Add port (PNG)

  1. Parallel layout of port access rules and traffic log (similar to Storage layout) Can get clustered if the data is huge and more features are to be added at later stages.

  2. Using Button bar to navigate between features a) Launching page be the port access rules:

b)Error message for invalid port numbers

c) The traffic log feature can be navigated by clicking on the Traffic Log button

3)The below mockup will be problematic if the number of ports and traffic at the server is huge.

  1. Firewall landing page To add new ports,the user can insert ports inline and click on '+' or '-' to save the changes.

5)Firewall traffic log

6)Control incoming and outgoing traffic

  1. Troubleshooting errors

a)The user can enable or disable error alerts.

b)If the user chooses 'troubleshoot' option ,possible solutions to solve the error can be displayed:

c)For multiple errors:

Prior art

1)Untangle

2)IPFire

3)Smoothwall

4)Endian ( Version2.1, Version 2.2)

5)ClearOS

6)Zentyal

7)Sophos UTM

8)OPN Sense

Feedback

Clone this wiki locally