Enhancement #2775
Firewall: support DNS/DHCP objects in firewall rules
| Status: | CLOSED | Start date: | |
|---|---|---|---|
| Priority: | Normal | Due date: | |
| Assignee: | - | % Done: | 100% |
| Category: | nethserver-firewall-base | | |
| Target version: | v6.5 | | |
| Resolution: | | NEEDINFO: | No |
Description
When creating (or editing) a rule in the Firewall rules page, the system should handle hosts defined in the DNS/DHCP page alongside hosts created in the Firewall objects page.
Hosts selected from the DNS/DHCP page will be translated into their own IP addresses inside the templates.
Associated revisions
FirewallRules: pick DNS/DHCP hosts for fw rules. Refs #2775
History
#1 Updated by Giacomo Sanchietti about 7 years ago
- Status changed from NEW to TRIAGED
- Target version set to v6.5
- % Done changed from 0 to 20
#2 Updated by Davide Principi about 7 years ago
- Status changed from TRIAGED to ON_DEV
- Assignee set to Davide Principi
- % Done changed from 20 to 30
#3 Updated by Davide Principi about 7 years ago
- Status changed from ON_DEV to MODIFIED
- Assignee deleted (Davide Principi)
- % Done changed from 30 to 60
Test case
When selecting a rule Source/Destination, elements of DNS&DHCP (having record type `remote` or `local`) must be listed and selectable. The Dst/Src value prefix must be `host;`. E.g.:

```
# db fwrules show 15
15=rule
    Action=accept
    Dst=host;notebook-davide
    Log=none
    Position=512
    Service=any
    Src=host;pulp.nethserver.org
    status=enabled
```
#4 Updated by Davide Principi about 7 years ago
- Status changed from MODIFIED to ON_QA
- % Done changed from 60 to 70
In nethserver-testing:
nethserver-firewall-base-1.1.0-68.0gitbc80849a.ns6.noarch.rpm
#5 Updated by Giacomo Sanchietti about 7 years ago
- Assignee set to Giacomo Sanchietti
#6 Updated by Giacomo Sanchietti about 7 years ago
- Status changed from ON_QA to VERIFIED
- Assignee deleted (Giacomo Sanchietti)
- % Done changed from 70 to 90
- testdhcp: dhcp reservation
- test.nethesis.it: dns record
Both can be selected from web UI and are correctly saved.
Extract from rules file:
```
#
# RULE host;test.nethesis.it -> host;testdhcp
#
?COMMENT
ACCEPT:none net:192.15.6.7 loc:192.168.5.225 all
```
Database:
```
[root@localhost ~]# db fwrules show
1=rule
    Action=accept
    Dst=host;testdhcp
    Log=none
    Position=64
    Service=any
    Src=host;test.nethesis.it
    status=enabled
```
#7 Updated by Davide Principi almost 7 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
In nethserver-updates:
nethserver-firewall-base-2.0.0-1.ns6.noarch.rpm
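
The `host;` to IP address translation described in this ticket, as an added Python sketch that is not code from nethserver-firewall-base. It reuses the values from the verification in comment #6; the `IpAddress` property name, the `LOCAL_NETS` zone mapping and all function names are assumptions made for the example.

```python
import ipaddress

# Constructed sample data mirroring the records quoted in this ticket.
# Assumptions: the IpAddress property name and the LOCAL_NETS zone mapping.
HOSTS_DB = {
    "test.nethesis.it": {"type": "remote", "IpAddress": "192.15.6.7"},
    "testdhcp": {"type": "local", "IpAddress": "192.168.5.225"},
}
LOCAL_NETS = [ipaddress.ip_network("192.168.5.0/24")]
SAMPLE_RULE = """1=rule
    Action=accept
    Dst=host;testdhcp
    Log=none
    Position=64
    Service=any
    Src=host;test.nethesis.it
    status=enabled"""

def parse_db_record(text):
    """Parse 'key=type' followed by indented 'Prop=value' lines."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    key, _, rtype = lines[0].partition("=")
    return key, rtype, dict(ln.split("=", 1) for ln in lines[1:])

def resolve_host_ref(ref, hosts_db):
    """Translate 'host;<name>' into a validated IP address string."""
    prefix, sep, name = ref.partition(";")
    if prefix != "host" or not sep or not name:
        raise ValueError(f"not a host reference: {ref!r}")
    record = hosts_db.get(name)
    if record is None or record["type"] not in ("local", "remote"):
        raise LookupError(f"no DNS/DHCP host named {name!r}")
    # ip_address() accepts only a literal address, so a malformed record
    # cannot smuggle extra tokens into the generated rules line.
    return str(ipaddress.ip_address(record["IpAddress"]))

def zone_for(ip):
    addr = ipaddress.ip_address(ip)
    return "loc" if any(addr in net for net in LOCAL_NETS) else "net"

def render_rule(record_text, hosts_db):
    """Return one rules-file line, or raise rather than emit a partial rule."""
    _, rtype, p = parse_db_record(record_text)
    if rtype != "rule" or p.get("status") != "enabled":
        return None
    if p["Service"] != "any":
        raise NotImplementedError("only Service=any is handled in this sketch")
    src, dst = (resolve_host_ref(p[k], hosts_db) for k in ("Src", "Dst"))
    return f"{p['Action'].upper()}:{p['Log']} {zone_for(src)}:{src} {zone_for(dst)}:{dst} all"

if __name__ == "__main__":
    print(render_rule(SAMPLE_RULE, HOSTS_DB))
```

A reference to a host that has since been deleted, or a record whose address is not a literal IP, raises an exception here, so no rule line is written with an empty or malformed address field.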