Dynamic Firewall
"This means that /etc/sysconfig/ip*tables are not used for firewall configuration and will not be written for firewall changes."
Where will state now be saved? If the daemon crashes, or is zapped by the OOM killer, what will happen? --Mattdm 20:11, 6 December 2010 (UTC)
User interaction mode
"The user will be asked if an application requests to change the firewall for example to grant access for a service."
Who is "the user" and what is "an application"? Are we using "application" in the "it's a program with an icon" sense that the package management people are using? Or would a background daemon or service count? If more than one user is logged in, how do you decide who gets the alert? --Mattdm 20:11, 6 December 2010 (UTC)
Network zone support
"A public WIFI network interface for example should be untrusted, a wired home network interface should be fairly trusted."
I think you mean "When the interface is connected to a public wifi network", or "a wired home network". The interface itself is attached to the computer and is neither public wifi nor a home network. I'm not saying this to be pedantic -- it's important! --Mattdm 20:11, 6 December 2010 (UTC)
User policy support
Presumably this will use PolicyKit. What will the defaults be? --Mattdm 20:11, 6 December 2010 (UTC)
Other firewall configuration options
It is important to disable the firewall of system-config-firewall here.
Why? Can't we make it so this new thing gets along? --Mattdm 22:14, 6 December 2010 (UTC)