FESCo: defer to next week, test this firewall and ask Thomas about details mentioned by mitr

• this lists libvirtd as dependency. What about NetworkManager, wireshark (hardcodes /sbin/iptables), s-c-printer (uses the old D-Bus interface)?
• talks about a tray applet, do we even have these?
• the fedorahosted repo has not had a single commit since last February

To be explicit, I like having a higher-level interface, but I'm really concerned about having two parallel firewall stacks forever a la !NetworkManager/network-scripts; there should be an one-time, explicit transition.

• about dependencies: I am adding a migration plan for the feature page. Most ip*tables and ebtables dependant packages should be migrated in F-17 alpha state. Planned is to have a soft migration, that original firewall code and also firewalld can be used according to needs.
• tray applets are still used by kde, xcfe and other desktops and window managers. For gnome a gnome-shell-extension will be added to integrate the applet in the panel.
• about the fedorahosted repo: lots of new code has been checked in recently.
• a explicit transition is planned in the F-17 timeframe, depends on user requests and demands. But a fallback to the static firewall model with system-config-firewall/lokkit should be possible.

Accepted at fesco meeting 06-02-2012