From Fedora Project Wiki
 
Latest revision as of 19:54, 19 March 2012

Network Zones

Summary

The purpose of this feature request is to be able to classify network connections according to their trust level. A public WIFI network connection for example should be untrusted, a wired home network connection should be fairly trusted.

Please also have a look at this additional feature:

  • Features/firewalld-default

Owner

Current status

  • Targeted release: Fedora 17
  • Last updated: 2012-03-19
  • Percentage of completion: 100%

Detailed Description

A network zone describes the trust level of a network connection. It is important to distinguish between a network connection and a network interface: a network interface can be used for many different connections, but a connection is usually bound to one specific network interface.

Currently network connections are unclassified. The user or administrator cannot set the trust level of a connection. Additionally, the netfilter-based firewall in Linux does not know anything about connections; it can only handle network interfaces.

The current firewall solution in Fedora is static and cannot enable firewall features for specific connections. Either all interfaces are handled in the same way, or the user or administrator has to write a complex firewall setup by hand.

The initial network zones:

  Zone      Trust level
  trusted   Fully trusted connections. All incoming traffic is allowed.
  home      Partly trusted connections. User/administrator defines the open services.
  work      Partly trusted connections (same as home).
  internal  Partly trusted connections (same as home).
  dmz       Mostly untrusted connections, the demilitarized zone.
  public    Mostly untrusted connections. User/administrator defines the open services.
  external  Mostly untrusted connections (same as public).
  block     Fully untrusted connections. No incoming traffic is allowed.
  drop      Fully untrusted connections. All packets are dropped immediately.

Benefit to Fedora

The classification of network connections will make it possible to have different firewall configurations for different connections. For example, a public WIFI connection should be fairly untrusted and, ideally, no service should be accessible through it. The home connection, on the other hand, should be fairly or fully trusted.

If services are running on a machine, they are only visible to connections that are trusted or that belong to zones which allow external access to them. Having several connections at a time in different trust zones is also possible.
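As an added illustration of the zone table above and of running several connections in different zones at the same time (this is constructed example code, not firewalld's or NetworkManager's), the following small Python model answers, for an incoming request to a service on a given interface, whether the zone of that interface's connection accepts, refuses or drops it. The zone names and trust levels are the page's own; everything else is this example's assumption: that a zone which "defines the open services" refuses whatever has not been explicitly opened, that block answers the sender with an error while drop discards silently, that an interface with no classified connection falls into a default zone, and all interface, connection and service names.

```python
"""Toy model of the network-zones trust model described above.

Added, constructed example; not firewalld or NetworkManager code. Zone names
and trust levels come from the page's table; how a zone that "defines the open
services" treats everything else is an assumption of this model (refused).
"""
from dataclasses import dataclass

ACCEPT = "accept"      # the packet reaches the service
REJECT = "reject"      # refused, the sender gets an error reply ('block')
DROP = "drop"          # silently discarded, no reply at all ('drop')
SERVICES = "services"  # only services the user/administrator opened get through

# Zone -> behaviour for unsolicited incoming traffic, from the page's table.
ZONE_POLICY = {
    "trusted": ACCEPT,
    "home": SERVICES, "work": SERVICES, "internal": SERVICES,
    "dmz": SERVICES, "public": SERVICES, "external": SERVICES,
    "block": REJECT,
    "drop": DROP,
}


@dataclass(frozen=True)
class Connection:
    """A classified connection: bound to one interface and placed in one zone."""
    name: str
    interface: str
    zone: str
    open_services: frozenset = frozenset()

    def verdict(self, service):
        policy = ZONE_POLICY.get(self.zone)
        if policy is None:
            raise ValueError(f"unknown zone {self.zone!r}")
        if policy == SERVICES:
            # Assumption: anything not explicitly opened is refused.
            return ACCEPT if service in self.open_services else REJECT
        return policy


class Host:
    """A machine with several connections up at once, each in its own zone."""

    def __init__(self, connections, default_zone="public"):
        if default_zone not in ZONE_POLICY:
            raise ValueError(f"unknown default zone {default_zone!r}")
        self.by_interface = {c.interface: c for c in connections}
        self.default_zone = default_zone

    def connection_for(self, interface):
        # Traffic on an interface with no classified connection falls into the
        # default zone with nothing opened ('unclassified' is a placeholder name).
        return self.by_interface.get(
            interface, Connection("unclassified", interface, self.default_zone))

    def verdict(self, interface, service):
        return self.connection_for(interface).verdict(service)

    def visible_services(self, interface, candidates):
        """Which of the running services a peer on this interface can reach."""
        return sorted(s for s in candidates if self.verdict(interface, s) == ACCEPT)


# Constructed sample host: a wired home LAN, a public WIFI and a tunnel whose
# traffic should be dropped without any reply.
SAMPLE_HOST = Host([
    Connection("Home wired", "eth0", "home", frozenset({"ssh", "ipp"})),
    Connection("Cafe WIFI", "wlan0", "public"),
    Connection("Hostile tunnel", "tun0", "drop"),
])

if __name__ == "__main__":
    running = {"ssh", "ipp", "smb"}
    for iface in ("eth0", "wlan0", "tun0", "eth1"):
        conn = SAMPLE_HOST.connection_for(iface)
        print(f"{iface:6} zone={conn.zone:8} ssh={SAMPLE_HOST.verdict(iface, 'ssh'):7} "
              f"reachable={SAMPLE_HOST.visible_services(iface, running)}")
```

Running the script shows the same host exposing ssh and ipp on the home LAN, nothing on the cafe WIFI, dropping everything on the tunnel, and treating an unknown interface (eth1) as a member of the default zone with nothing opened, which is the per-connection behaviour a static, interface-only firewall cannot express.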

Scope

Changes to NetworkManager and its D-BUS interface are needed for this, together with extensions of the NM user interfaces.

How To Test

  • Install NetworkManager packages with the feature enabled.
  • Set and reset zones for connections.
  • Check that D-BUS messages are generated with information about the connection, interface and zone.

User Experience

The user can set the trust level of connections and also the default zone for new connections.

Dependencies

  • firewalld (changes in the works)

Contingency Plan

A rebuild of NetworkManager, or disabling the feature in the configuration, should be enough.

Documentation

See FirewallD

The fedorahosted site is here: https://fedorahosted.org/firewalld/

Release Notes

Fedora 17 adds support for the network zones model that provides a way to classify network connections according to their trust level.

The classification of network connections will make it possible to have different firewall configurations for different connections. For example, a public WIFI connection should be fairly untrusted and, ideally, no service should be accessible through it. The home connection, on the other hand, should be fairly or fully trusted.