NetworkManager has support for FirewallD zones, so it would be great if the applet could 1) ask the user whether it's a private (and thus the user may want to share resources) or public network (and thus the user may prefer to stay safe) when a new connection is set up, then a) if the user says "private", then configure the connection in the "trusted" zone (could be configurable); b) if the user says "public" or just ignores the question and closes the applet, then configure the connection in the "public" zone (or the default zone, could be configurable); 2) show the info about the current zone in the connection details. Note that 1) is something that Windows 10 already does very well. Of course, more advanced users could always open the connection editor and change the zone, or even configure FirewallD directly, but this could be a **huge** improvement for most users. Why? Consider Fedora's KDE and GNOME spins. The KDE spin decided to set the default firewall zone to "public", whereas the GNOME spin (Fedora Workstation) decided to set a default that leaves open all the ports beyond 1024. KDE folks' decision is great for security, but it fails miserably from the UX perspective as soon as a non-experienced user tries e.g. to share some files over the network at home: it doesn't work, and they don't know what to do. On the other hand, GNOME folks' decision is great from the UX point of oview, but has critical security implications (I don't think the user wants to share files in a café's WiFi or at the airport). So, all in all, I think that asking *once* whether a new connection should be private or not and saving the proper firewall zone is the best trade-off between security and UX.
I think there has been some confusion here. Where exactly is the UX issue? How do you expect users to attempt to share files using a port higher than 1024 using a GUI tool available in KDE? If a user figures out how to do anything else, they can figure out how to open a port on a firewall. Not to mention that there are already multiple firewall management GUIs. I fail to see how the decision of the GNOME folks, which has been to ignore various serious concerns in favour of Mac-like "simplicity", helps with UX in any way.
(In reply to John M. Harris, Jr. from comment #1) > I think there has been some confusion here. Where exactly is the UX issue? > How do you expect users to attempt to share files using a port higher than > 1024 using a GUI tool available in KDE? There is no confusion. It's a perfectly valid and reasonable request for a feature that is missing. Currently: *I need to know* that there is a firewall and *I need to know* that there is a default policy "public" to have the *intent* of changing it. Then, I have to open the kcm dialog for the connections which, for a WiFi, lands in the "Wi-Fi" tab, not the "General configuration" where the option I'm looking for is: "Firewall zone". A better UX is: as soon as I click on a new connection in the applet, the applet asks me whether the connection is private or public, and sets that "Firewall zone" accordingly. That's it. So please don't mix things, and please, please don't bloat this RFE with endless discussion not directly related to this specific request that is, I believe, clearly stated and substantiated.
I fail to see how that would be, in any way, useful. If the user needs to change their firewall zone (In my opinion, very few of the users you're talking about would likely need to do so. If they don't know what a firewall is, they really shouldn't be making firewall related decisions.), there's already a way to do that: Open the Connections kcm, select the connection you'd like to configure, go to the "General configuration" tab and select what you'd like.
You fail to see many things, John.