Slashdot Log In
Contest For a Better Open-WRT Wireless Router GUI
Posted by
kdawson
on Sat Feb 28, 2009 05:19 PM
from the doing-well-by-doing-good dept.
from the doing-well-by-doing-good dept.
Reader RoundSparrow sends word of a contest, with big cash prizes, being mounted by a commercial vender of open source Open-WRT routers. You have 10 months to come up with "the most impressive User Interface/Firmware for Ubiquiti's newly released open-source embedded wireless platform, the RouterStation." Entries are required to have open source licensing and will all be released. First prize is $160,000, with four runners-up receiving $10,000. RoundSparrow adds: "Could be built on top of existing X-WRT or LuCI OpenWRT web interfaces. OpenWRT Kamikaze 8.09 was just released. Now is perfect timing for OpenWRT to get some kick-ass interface and usability ideas. I'm not affiliated with the contest vendor."
Related Stories
[+]
Technology: Ubiquiti Announces RouterStation Challenge Winners 87 comments
Riskable writes "Remember that $200,000 Contest For a Better Open-WRT Wireless Router GUI? Today Ubiquiti posted the winning entries to their support wiki. The grand prize was a tie between PyCI (written by yours truly) and NETSHe with OpenNET as the runner up. Source code and firmware images for each entry are available for download on their respective wiki pages. I'll be setting up a project page for PyCI (and l2sh) soon to make it a participatory open source product. Even if you don't have a RouterStation, or don't care about OpenWRT, there are numerous Python modules and tools inside of PyCI that could prove useful to other open source projects (e.g. iptables.py can read/interpret over 400 permutations of the iptables command). I'll also be checking the comments if anyone has any questions for me about PyCI or the contest in general. BTW: I'd like to thank all the commenters in the original article that insinuated that the technical requirements were impossible and/or that making a GUI to configure such complex things is a waste of time. I read every one and I wouldn't have made it such an obsession otherwise!"
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading... please wait.
X-WRT? (Score:5, Insightful)
What's wrong with X-WRT?
OpenWRT is something you set up, then forget. It doesn't need "themes" or "skins", or 3d effects. This is not "pimp my router".
Re:X-WRT? (Score:5, Funny)
hmm, Crysis with 60 fps on a Beowulf cluster of OpenWRT routers?
[bye karma, I will miss you :)]
Parent
Re:X-WRT? (Score:4, Funny)
raytraced. You forgot raytraced.
Parent
Re:X-WRT? (Score:5, Insightful)
Parent
Re:X-WRT? (Score:5, Insightful)
This isn't a theme competition, it's a user interface competition - usability counts much more than the style of the buttons.
Also, it's a genious move. When the clients are released, you'll have plenty to choose from. Also, being open source. you can merge the best bits of all the clients into one really good one.
Whoever came up with this idea should get a massive pay rise.
BTW, we could adopt the methodology in other areas too.
Parent
Re: (Score:3, Interesting)
I think we should encourage other companies to join in the contest. Best idea I have is solicit router companies to do $25,000 donations - and allow them to independently judge and reward their own winner.
That way maybe someone who didn't make the top place could get a chance at another income boost. Would supplement the interest in people fearful of not making 1st place.
Also note that a single person can enter more than ONE entry - so if they come up with different design cocepts - they don't have to cho
Re:X-WRT? (Score:4, Insightful)
People who think "user interface" is synonymous with "themes, skins or 3D effects" are a large part of the reason so much software has a terrible user interface.
Parent
Re: (Score:3, Interesting)
Re:X-WRT? (Score:5, Funny)
This is not "pimp my router".
Yo Dawg! I heard you liked security, so I put a WPA2 in your WRT so you can feel safe whenever you browse porn!
Parent
Re:X-WRT? (Score:4, Informative)
Noting wrong with X-WRT, I use it. The OpenWRT developers recently choose LuCI as default for Kamikaze 8.09 release.
I also forgot to mention there are other up to date alternate such as Gargoyle http://www.gargoyle-router.com/ [gargoyle-router.com] that is GPL license and could be uses as basis for contest entry.
You can view this as fit and finish challenge - but will you win the contest if you put the least effort in?
Parent
Re: (Score:3, Funny)
"This is not "pimp my router"."
If enough customers will spend sweet, sweet monies on a pimped router there is every reason to give them that option.
Slashdot has already provided a suitably artful theme:
http://armish.linux-sevenler.org/blog/wp-content/pembeslash.jpg [linux-sevenler.org]
Modern Linux hackable routers, 802.11n support (Score:5, Informative)
Other OpenWRT news. The newest Atheros 9xxx radio chips is available in a number of OpenWRT supported routers now. I have been working to help organize new 802.11n support in OpenWRT. I have compiled a list of consumer routers that work with Linux ath9k driver and ar71xx CPU. In order of current recommendation:
Planex (PCI) MZK-W04NU, 32MB RAM and 8MB flash, USB port, 10/100 Ethernet
Trendnet TEW-652BRP, 32MB RAM and 4MB flash, 10/100 Ethernet
Trendnet TEW-632BRP, 32MB RAM and 4MB flash, 10/100 Ethernet
D-Link DIR-615 revision C1 (ONLY!), 32MB of RAM and 4MB flash, 10/100 Ethernet
TP-Link TL-WR941N WR941ND, 32MB RAM and 4MB flash, 10/100 Ethernet
OpenWRT team is pretty close also on the Netgear WNR2000.
These listed above all come from a common Atheros AP81 reference platform. see http://wiki.openwrt.org/AtherosAR9100 [openwrt.org]
In USA and Japan, the Planex is available on Amazon.com for $59.99 with free shipping... it has more flash and USB port. 3 removable antennas, is a nice hacker system. In the USA, the Trendnet routers have been on sale from Newegg, Fry's, buy.com for only $25 a few times. I will try to post on Reddit / my Slashdot journal when I see them on sale for $25 next time.
The ath9k driver for Linux is not yet mature but is moving along... in 2 to 3 months I expect we have a very nice platform... and the router interface and ease of use of OpenWRT is getting attention with this contest! Now is an exciting time for OpenWRT and Linux routers - finally moving to some new N devices.
I have a suggestion ... (Score:5, Insightful)
Re: (Score:2)
Too bad it still doesn't support ipv6 properly. But personally, I love Tomato. I have bought a WRTGL router because of my problems with other routers(very crappy firmware) and tomato runs like a sunshine with options that I didn't even comprehend would benefit me.
It's simply another case of FLOSS to the rescue.
Re: (Score:2)
IPv6 has some really nice features. I have deployed IPv6 on my networks (6to4 rules!) and now I can SSH into _any_ computer from _any_ computer - all computers have public IPv6 addresses.
Additionally, reverse 6to4 provides fully automatic reverse DNS delegation.
All for free.
Re: (Score:3, Funny)
I don't have enough computers at home to need ipv4 either but that's included.
Re: (Score:3, Interesting)
Personally, I don't have enough computers at home to need ipv6.
I take it you're not developing software that needs to support IPv6 either.
Tomato is great, but I need/want IPv6 autoconfig on my home net. A spare Cisco 1700 handles this nicely. One of these days when I have some spare time, I'll get a v6 tunnel set up on it.
Re:I have a suggestion ... (Score:4, Insightful)
Personally, I don't have enough computers at home to need ipv6.
It's not just about your computers at home. Your home is connected to the Internet. The Internet is growing at an exponential rate. It only has 4 billion addresses. Thus, IPv6 is useful if you plan to continue connecting to things as we approach the not-so-distant future.
Parent
Re: (Score:3, Insightful)
I don't think anyone here has enough computers at home to need IPv6. I mean, if you have more than 253(*) computers in your house, you have more problems than needing IPv6.
(*) Number of possible nodes on a Class C subnet minus the router itself.
The only reason I could see myself having to move to IPV6 would be if my ISP forces me to.
Re: (Score:2)
So why don't the guys who make Tomato port their UI over to OpenWRT and enter it in contest?
Re:I have a suggestion ... (Score:4, Insightful)
I second the GP poster. Tomato rocks. Clean interface, lots of functionality, good documentation.
I've been many times at the OpenWrt. It sure looks like a full featured linux dist, but they sure forgot to put clear simple instructions to get my router running it. They seem to try to be so many things that they forgot to cater to, what seems to me to be, their most plentiful potential users: Linux users that would like to run OpenWrt in a router.
No, I don't want to edit /etc/network files, I want a simple GUI that does the job.
Parent
Re:I have a suggestion ... (Score:4, Interesting)
Sure Tomato is nice - as long as you can still get hardware for it.
Sure OpenWrt may lack documentation or tries to do too much stuff at once, but right now it's the only fucking router distro that makes actual progress besides tuning the ui.
DD-Wrt, Tomato, CoovaAP etc. are all stuck with binary drivers that require an ancient kernel to operate them and more and more devices that are supported by this software are already end of life or will be soon.
The point of the challange this article is to make a user friendly interface for OpenWrt (besides the three projects already working on it). If Tomato satisfies your need - fine, but if you rely an modern hardware you're out of luck. And at some point it makes more sense to spend 25$ for a cheap-ass Draft-N device with gigabit instead of being stuck with ancient Broadcom gear for 60+$ just to install Tomato.
Parent
Slashdot Editor: OpenWRT not Open-WRT (Score:5, Interesting)
You guys altered the name to Open-WRT :) Anyway, thanks for spreading the world on this and Kamikaze 8.09 release. the OpenWRT devs work hard.
Please.... (Score:5, Insightful)
Oh god no.....no Web 2.0 Crap. the router GUI is supposed to be fast, small, and compatible with EVERYTHING.
DDWRT has a problem with Firefox on the latest builds because of the stupid Web2.crap to make things more flashy instead of working right.
I am really tired of the "ooh shiny" becoming far more important than functionality lately in both projects.
Re: (Score:3, Insightful)
I am really tired of the "ooh shiny" becoming far more important than functionality lately in both projects.
I do netmgt for a living (client and server side, both) and I've turned down jobs that emphasized glitz over actual *needed* functionality.
I still maintain that a simple forms/cgi interface with NO javascript is all you need to get the job done. I wrote an entire NMS on form/cgi (1998 era) and it didn't have 'active stuff' but who the hell cares! the only lacking I had was no dynamic graphs - and I
Re:Please.... (Score:4, Insightful)
CGI doesn't scale well.
and since when does netmgt need to support LOTS of concurrent connections?
see, that's my point - unless you know the *problem space*, you are likely to over-engineer the solution.
most netmgt solutions are WAY over-engineered. they are not going to be hit by thousands of clients. likely they'll be polled frequently by a few NMS's and by frequently I mean a few packets of query every 15minutes, TOPS.
you do not need 'scaling' at the client. you just don't for this problem space.
Parent
Re: (Score:2)
But that flashy stuff, and the web2.0 is what gets the users, if you don't like it, just use telnet, that'll solve your issues out right wouldn't it ?
If i'm not in the office, and the dsl connection has an issue, it's alot easier to tell someone to click on the red button or green button etc. trying to tell a non tech person a command for iptables or something like that is just outright stupid. I'd rather have the office administrator implementing the rules she puts in place so i can get onto more important
Re:Please.... (Score:4, Insightful)
In theory, yeah.
In practice, I just checked my mail on my phone, saw a slashdot reply notification, and clicked the link. Then stared at the screen in disbelief, as the phone showed me that to show me a message maybe 2KB in size it had to download 1MB worth of crap.
Reloading the page is something that takes a very small fraction of a second, when the server isn't doing any heavy lifting, and the page doesn't have half a megabyte of javascript.
And a much larger amount of devices can show that simple page. The router interface shouldn't be flashy. It should be neat and simple, something you could deal with from a cell phone if it was needed in an emergency. I can't tell you how much I hate the websites of various device manufacturers that require hunting the link for the drivers download in the source, because the only available browser I had was lynx, and the link is impossible to find in it.
IMO, don't bother with the flashy stuff. I'll be the one who is going to mess with the router settings, and I want it stable, functional, and usable on all devices. If it prefers form over function I'll go with another product.
Parent
quick question (Score:4, Funny)
interesting contest, but I searched and couldn't find an answer to my biggest questions:
does it run linux?
are there any requirements to use it in a beowulf configuration?
any requirement to be resistant to, and remain working, after having hot grits dumped on it?
should it support QoS by streaming naked photos of natalie portman at top priority?
It is amazing how negative everyone is about this (Score:5, Insightful)
It's not like it's your money! I currently use Tomato on one of my routers. I love the interface. I don't log in very often, mostly to check those fantastic real-time usage stats.
But when I do log in, it is nice to be able to find things quickly. I respect developers who take into account usability and style. In fact, I have basically no respect for those who discount it.
You probably can code circles around me. But in the end, the customer or user only sees the interface. They only see those "useless" graphics, and that "Web 2.0 Crap". Yet, a well designed interface will allow new users to appreciate the product faster, and hopefully keep them around.
Just because the majority of web developers suck at designing "web 2.0" interfaces doesn't mean that the problem lies with the "web 2.0" part. We'd have a lot less technology if we used that metric to measure a tools value.
Re:It is amazing how negative everyone is about th (Score:5, Insightful)
In fact, I have basically no respect for those who discount it.
You probably can code circles around me. But in the end, the customer or user only sees the interface.
Actually you've hit on a major problem of programers that we don't like to talk about (well, except me, obviously..). The thing is, GUI design is a complex art, one that takes a long time to learn to do well, so its hard to be good both at visual interfaces and the often very complex code that they control.
I know this from my own work. I'm a pretty good coder (gosh, how modest of me). I can write code to just about anything, and charge a pretty penny to do so, but my ability to code a user interface is rather poor. Sure I know all the theory, but there's something extra you need, that 'eye for the visually pleasing' thats hard to cultivate unless user interfaces are what you do all the time.
I've used plenty of applications where the guy who wrote the backend code also coded the gui, and as a rule the gui is somewhat lacking. This is't just restricted to single coder projects, it also occurs when a project is full of able back end coders, and they build the gui to suit their own level of ability to use the code.
You can see this if you use Emacs. Nice though that software is in features, the interface is godawful, and actively prevents anyone new to computer usage or programing from using it.
Parent
Re: (Score:2)
You can see this if you use Emacs. Nice though that software is in features, the interface is godawful, and actively prevents anyone new to computer usage or programing from using it.
What would you honestly change? 99% of the feature set is packed up in control sequences. If you're using the GUI at all one would have to wonder why you are using Emacs. Vi doesn't even bother.
I understand the point you are making but Emacs is really not the program to pick on because it has a *fantastic* User Interface for programmers--which is the entire point of the program. No your grandma will not be able to point-and-click her way through writing a new database application, but I think that is ok
Re: (Score:3, Interesting)
The thing is, GUI design is a complex art, one that takes a long time to learn to do well, so its hard to be good both at visual interfaces and the often very complex code that they control.
You hit the nail on the head. It's an art, and that means that, when all is said and done, it's the guy with the eye who polishes the job. Programmers can follow all the user-interface design rules laid down in the multitude of books on the subject, but if they don't have the touch, what they'll come up with may be functional, but will still look like crap. It's as inevitable as the tide. Good coding can be an art as well ... it is by no means always thus, but some developers do carry their work into the re
open source and usability (Score:5, Insightful)
Re: (Score:2)
The usability of a device has NOTHING to do with being able to skin it or apply themes. Usability is all about making the device simple for someone with limited knowledge or experience to use.
The usability of slashdot seems to be in decline, while the reliance on javascript increases. Now maybe there isn't really a causal relationship there, but correlation is enough for many people.
Re: (Score:2)
Couldn't agree with your more.
Also as a systems administrator, i like gui's, generally good ones allow me to get my job done faster, not slower, if I have to, I'll drop to cli, but in a good gui you don't have to, if the gui is written well for usability, you'll be able to cover 95% of what you need to do, and beening able to do that quickly and efficiently is the important thing
Re: (Score:2)
Who doesn't enjoy a program that, when you hover your mouse over an option, you get a description of what the option does and why you should use it?
"Contextual help" makes even the most alien programs a dream to use.
"Simplicity and intuitiveness for the end user" (Score:5, Insightful)
"Simplicity and intuitiveness for the end user (both newbie and expert)"
Maybe this will be won by the most blinged-up interface but there's hope here that the competition organisers get some well thought out entries which help guide the users through the configuration of their routers.
Some installs are jargon heavy and just assume you know what all the options mean, little to no explanation or help. I've spent many hours sweating over some WRT GUIs that have (to me as a relative beginner) had meaningless options. I really really want to use these excellent installs but I get really put off by zero-to-poor documentation or explanations of what all the options are.
A simple interface with excellent documentation and guidance would be worth the prize.
Flash based (Score:5, Funny)
Can it be Flash based? I've got some cool ideas involving fancy animated text effects and transitions that would be really useful for a router interface.
Re: (Score:3, Funny)
Can it be Flash based? I've got some cool ideas involving fancy animated text effects and transitions that would be really useful for a router interface.
Gah. I think I'm going to be sick. Yeah, you earned that +5 funny.
If you really like CLI and have decent knowledge (Score:2)
If you really like CLI and have decent knowledge in networking then give Vyatta a try. No GUI at all.
I've tried it and it's not too hard. Just have to pay close attention to the syntax or you'll screw it up.
GUI in routers do provide a quick glace as to what is going on. High end Cisco routers do NOT have a nice web-gui as it is entirely CLI based except for some home versions of the PIX.
I personally use DD-WRT v24 SP1 in all of my wireless access points (they're really routers but I turned those function
It's not that easy (Score:3, Informative)
It looks like the overall discussion quickly drifted away from the actual topic and the further degrades into insults and endless discussions about cli vs. gui / enduser vs. professional etc. But hey, this is slashdot so I think it's expected.
Anyway, I think that most people miss the point here. The challange is about to implement a (new) gui for the Ubiquity Router Station, based on AirOS which is actually a snapshot of the OpenWrt Kamikaze trunk with some patches added for board support and another proprietary hal to drive the Atheros cards used with the board.
The RouterStation [ubnt.com] is not exactly a SOHO device, it's a bare embedded board featuring a fast MIPS cpu and three MiniPCI slots, POE and some other fuzz.
It has higher specs then the average Broadcom gear and is intended for larger infrastructure deployments, like wisps etc.
So far on the target hardware. Since one requirement is to use OpenWrt/AirOS as base operating system, one can rule out Tomato (which ppl quickly suggested) since it's built on top of the former disclosed Linksys SDK for WRT54G devices and relies heavily on a Linux 2.4 kernel to use bcm43xx wireless phy. Part of the original Linksys firmware design was the use of nvram as central configuration storage which is abandonned in nowadays Kamikaze releases. Anyway - I think it's nearly possible to rip the gui off an existing firmware project and refactor it to run on top of OpenWrt, it would be easier to just start from scratch.
Now the list of required features [ubnt.com] is pretty long and includes stuff that's not present in (half) open source firmwares like Tomato, DD-Wrt or OpenWrt. It includes things like bgp/ospf routing, bonding, snmp or layer 2 firewalling (ebtables, arp nat ...) just to name a few. That are things a normal ui designer can't draft without the support of one or more networking experts who actually know whats this about and how it's done properly. Some of that features also are inherently complex and can't be fully abstracted away with some fancy ui elements and a short help text on each page. On the other hand an ui allows to present complex relations like traffic flow, qos behaviour, wifi signal stength etc. in a visual way that can't be accomplished with a cli-only interface.
The to-be-developed ui is not intended for casual users that just want to hook up a bunch of computers and get into the internet. It's also not intended to be used by people who don't have a clue about networking or don't want to learn about the principles of the involved technologies. You have to keep in mind that the interface should be able to handle multiple wifi cards with multiple wireless networks each, that it should ease the setup of complex network configurations without limiting the amount of possible options. It's also not about a fancy web 2.0 portal or shiny flash interfaces, just to please possible customers.
Imho the ui should also be designed in such a way that it allows a smooth coexistance with cli-based workflows. Neither Tomato nor DD-Wrt provide such abilities since the underlying system is optimized to be used by the ui and hardly intuitive to use via the cli. Think of it like the relation of Linux and Xorg. You can uninstall all X related stuff and still have a functional system where you can access all resources etc.
Another fact to worry about is the portability of such an ui - if one wants to make it into a generic interface for OpenWrt, it would have to support a wide range of hardware from simple Linksys boxes to X86 gear like Avila or Alix boards, tt would have to support wireless configuration for madwifi, legacy broadcom and mac80211 based wireless drivers, each with different ways of configuration. Oh - and it should support kernel 2.4 and 2.6 which becomes a real pain if one relies on sysfs for state information.
Also the choice of the programming language and framework matters, one could go ahea
some suggestions .... (Score:4, Interesting)
Re:needs an easy way to edit firewall rules (Score:5, Insightful)
Not everyone should be administering a network either. Any literate adult meets all of the requirements necessary to learn how to do so but there are plenty of people who should not perform this task. The system is self-correcting however; the ones who shouldn't have done so are the ones who have most of the problems. If you a) don't know how to properly do something and b) refuse to learn how to properly do it, then it makes sense to ask (or hire) someone else to do it for you.
The people who think that this simple observation somehow does not apply to them, or that getting pissed off at someone like me who points that out is going to change the reality of the situation, well, I bet they wonder why they have such bad "luck" with these things. You attempted something that you don't actually know how to do and experienced undesired results; what a surprise, it must have been those evil elitist geeks! Seriously though it's amazing how upset people get sometimes when you dare to suggest that there are tasks which require a bit of skill and that doing them without that bit of skill can cause problems. You'd think that this were some kind of highly controversial position for which there was no conclusive evidence.
To more directly answer your post, I think iptables itself is rather irrelevant. The story is about a router GUI, which would probably be a front-end to iptables. There are some very nice GUI tools available for iptables; if Open-WRT's offerings are on a par with them, then they would provide a way to edit firewall rules that's about as easy as it's going to get. I do think that a firewall is one of those few applications where there is some inherent complexity that cannot be made much simpler without severely compromising the device. It's like that Albert Einstein quote (paraphrase): "Things should be made as simple as possible, but no simpler."
For that reason, I question the type of "easy to use" to which you refer. If you have a solid working knowledge of TCP/IP, then you should be able to handle any firewall and "easy to use" would mean automating what can be automated to save you some keystrokes and to avoid some unnecessary tedium. If you don't have a solid working knowledge of TCP/IP, it would probably mean dumbing things down to make up for your lack of understanding, which of course would result in a less thorough or a less accurate configuration.
Given the security issues that can arise from a misconfigured firewall, I would suggest that this is one area where enabling people who don't really understand what they're doing is asking for trouble. You're not really doing the less-knowledgable any favors by setting up a situation, in the name of convenience, where they are likely to have problems that they won't know how to solve. The good news is that there is abundant documentation on both TCP/IP and iptables, so anyone who is interested and motivated can easily learn how they work.
Parent
Re: (Score:2)
If you a) don't know how to properly do something and b) refuse to learn how to properly do it, then it makes sense to ask (or hire) someone else to do it for you.
This is something I've never entirely understood about computing. Why should it be easy for someone with no knowledge of computers be easy to do relatively complex tasks, like a complex OS install or configuring a firewall?
Most people are too terrified to open the bonnet of their car to check the oil, and rely on paying someone to fix it when it
Re: (Score:2, Insightful)
Naw... (Score:5, Insightful)
Maybe the task is needlessly complex? Why should somebody connecting to a access point need to configure which encryption protocol to use? Why should the damn WiFi card and the access point negotiate automagically and *pick the damn best one they both support*?
^ this space reserved for replies telling me that the protocol doesn't allow it. Well you know what? The user isn't broken, the protocol is. 802.11/whatever is horribly insecure because the protocol doesn't fucking handle the encryption for you. Let me pick a key on the router, type it into the laptop, and the damn things can pick WAP, WPA, WEP, WAZOO or whatever the fuck some encryption dudes dream up all on their own. As long as it works and is secure, I dont really care what the hell protocol is used.
Blame the user is arrogant, stupid and is increasingly a black mark on employment. The world expects the programmer and the designer to do everything for them. That is the market. Deal with it. Programmers who design usable stuff will find their skills highly desired. Programmers who say users are spoiled children will rapidly find nobody wants to hire them.
You know who to blame? Blame the designers and programmers for not understanding what the goals and tasks are. Blame the designers (or lack thereof) and programmers for not removing all the roadblocks in the way of accomplishing said goals and tasks.
Honestly, the real reason programmers get bent out of shape (*cough*aside from the weird vibes coming from those still in the computing stone age like RMS*cough*) is that programming a usable interface is very hard. Lots of edge cases and you can't catch all of them. Really, the shit is hard and no silver bullet will ever be found that makes the hardness go away.
Parent
Re: (Score:3, Interesting)
Re: (Score:3, Interesting)
I guess the hard part is the "working and secure" bit then. I think you are generalizing too much.
Networking used to be horrible. Different protocols, different hardware. Lots of fads, each as much as a pain to set up as the last. No point and click email server wizards. Site-to-site was by modem, not VPN. When men were men and the cable was coax, that sort of thing.
It has gotten to the point now where you have a router, modem, AP, and switch in one, for $50 or something. Network speed is automatically nego
Re:needs an easy way to edit firewall rules (Score:4, Interesting)
1) If your router is also a switch/hub, it can analyze the internal network traffic and learn computer names (if windows file sharing is enabled anyway).
2) It can tap the internet to look up stuff like mac addresses and other statistical traffic patterns to identify things like your Tivo or XBox.
3) You can invent an internal protocol that enables your household computers and devices to communicate to the router what the fuck they are. Odds are good you can use fancy crypto to make sure that the computers and devices can't lie if they get compromised.
4) Make a training mode that lets everything go through and when you are done, the router uses the wealth of statistical bullshit it collected in steps 1->3 to give the user a report outlining the househouse hold traffic.
5) The user can then "lock" the router and not let anything but what was configured in #4
6) If something odd happens, or the router detects new computers (say a laptop, etc). The magic protocol in step 2 would send some kind of alert to a computer, your email, your phone... something... basically saying "hey man, something changed... you might have to retrain me".
My idea, obviously, is a very crude outline. But you get the idea. Everything can be simplified if you focus in on exactly what the task at hand is and leave the rest of the bullshit out. In fact, I bet you can design the firewall configuration in such a way that the user never needs to see IP addresses or port numbers. All they see is friendly computer names (deduced from #1->#3) and descriptions of the traffic.
Nerds, obviously, wouldn't like this--instead wanting some geeky bullshit. But they can piss up a rope as far as I'm concerned. This is a mass market device intended for people who just want to feel secure that nobody is hacking their shit.
Parent