Enhancement #2571
Firewall ping response
Status: | CLOSED | Start date: | ||
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | - | % Done: | 100% | |
Category: | nethserver-firewall-base | |||
Target version: | v6.5-beta3 | |||
Resolution: | NEEDINFO: | No |
Description
NethServer firewall disables ping responses from the internet by
default, but this behaviour confuses the sysadmin when trying to
diagnose network problems.
I know that a lot of people prefer to have ping responses disabled,
but it's only security through obscurity and it adds nothing to real
security.
I propose to change the default to enabled ping responses, with a db
prop to disable pings.
Relevant template fragment:
/etc/e-smith/templates/etc/shorewall/rules/20ping
Associated revisions
Enable firewall ping response. Refs #2571
History
#1 Updated by Filippo Carletti over 7 years ago
- Status changed from NEW to TRIAGED
- Assignee set to Filippo Carletti
- % Done changed from 0 to 20
#2 Updated by Filippo Carletti over 7 years ago
- Status changed from TRIAGED to MODIFIED
- Assignee deleted (
Filippo Carletti) - % Done changed from 20 to 60
Test: update nethserver-firewall-base and ping wan (red) interface: it should answer ping requests.
#3 Updated by Davide Principi over 7 years ago
- Status changed from MODIFIED to ON_QA
- % Done changed from 60 to 70
In nethserver-testing:
nethserver-firewall-base-1.0.7-1.0git503eed4f.ns6.noarch.rpm
#4 Updated by Davide Principi over 7 years ago
- Assignee set to Davide Principi
#5 Updated by Davide Principi over 7 years ago
- Status changed from ON_QA to VERIFIED
- Assignee deleted (
Davide Principi) - % Done changed from 70 to 90
VERIFIED
Ping responses after upgrading to nethserver-firewall-base-1.0.7-1.0git503eed4f.ns6.noarch.rpm
#6 Updated by Davide Principi over 7 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
In nethserver-updates:
nethserver-firewall-base-1.0.8-1.ns6.noarch.rpm