$Id: TODO,v 1.20 2001/07/30 06:09:32 vkurland Exp $


General ideas:
--------------


GUI:
----

new service type: custom user-defined service

Druid should mark rules with some sort of a tag, so it won't create the
same rules many times

In firewall dialog, tab "Interfaces", add button "Get interfaces
configuration from local host"

Decent time intervals editor (using calendar widget may be)

Use gnome--, get rid of gnome wrappers.
Use ucd-snmp library instead of calling snmpget and snmpwalk

Test with all themes. There seems to be a problem with theme "Basic"
(clipping of object's names in policy list)

Somehow separate library objects from user's objects. This would
simplify upgrades of the library of standard objects


additional checks:

interface can not have netmask of 255.255.255.255



compilers:
----------

for those platforms where compiler produces shell script
(ipchains,iptables) add "definitions" section at the beginning. Define
variables for the host and network names in that section, so that
policy rules would use names instead of IP addresses. Makes script
more readable.  Can something like this be done for ip_filter ?




iptables:

implement port ranges for TCP and UDP services

add support for features from patch-o-matic:

  -m time
  -m record-rpc
  -m ah-esp     
  -m dropped  (with checkbox "Log all dropped packets")
  -m pkttype  (for checks for BROADCAST, MULTICAST - how to utilize this? may
               be add checkbox/flags to IP service: 
                  [ ] - broadcast packet
                  [ ] - multicast packet

               there should be a way to specify multicast group though)
  -m string

add new service type - "Custom" :

  IP protocol:    number
  source port:
  dest. port:
  type:
  code:
  platform:       iptables
    platform-depended code:  "-m talk"
  platform:       ipfilter
    platform-depended code:  "something else"


--or--

add attribute "Platform-dependent code" to all services






configure, RPM's and packaging:
---------------------

check version of libxml2, libxslt



objects_init.xml  and   examples:
---------------------------------

add list of IANA reserved networks and a group "Reserved_networks". Good for
blocking rule



printing
--------

Redesign "Print" dialog














