Enhancement #2776

Firewall: disable unused roles

Added by Giacomo Sanchietti over 5 years ago. Updated about 5 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-firewall-base
Target version:v6.5
Resolution: NEEDINFO:No

Description

When creating (or editing) a rule, the Firewall rules page should display only roles with an associated ethernet interface.

For examples, if only red and green rules are associated to an ethernet interface, all other roles (blue, orange) should not be display among available sources and destinations.

Associated revisions

Revision 6b344b1d
Added by Giacomo Sanchietti over 5 years ago

Web UI: exclude unused roles from object picker. Refs #2776

Revision 8b447095
Added by Giacomo Sanchietti over 5 years ago

Web UI: exclude empty unused roles. Refs #2776

History

#1 Updated by Giacomo Sanchietti over 5 years ago

  • Status changed from NEW to TRIAGED
  • Target version set to v6.5
  • % Done changed from 0 to 20

#2 Updated by Giacomo Sanchietti over 5 years ago

  • Status changed from TRIAGED to ON_DEV
  • % Done changed from 20 to 30

#3 Updated by Giacomo Sanchietti over 5 years ago

  • Assignee set to Giacomo Sanchietti

#4 Updated by Giacomo Sanchietti over 5 years ago

  • Status changed from ON_DEV to MODIFIED
  • % Done changed from 30 to 60

Modifications on branch b2776.

#5 Updated by Giacomo Sanchietti over 5 years ago

  • Status changed from MODIFIED to ON_QA
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 60 to 70
Packages in nethserver-testing:
  • nethserver-firewall-base-1.1.0-68.0git6b344b1d.ns6.noarch.rpm
Test case 1
  • Configure only two network interfaces: one red and one green
  • Try to create a new rule
  • Check only red and green are displayed as zones in object picker (click on the source the show the object picker)
Test case 2
  • Configure 3 network interfaces: red, green and orange
  • Try to create a new rule
  • Check all 3 zones are displayed as zones in object picker

#6 Updated by Giovanni Bezicheri over 5 years ago

  • Assignee set to Giovanni Bezicheri

#7 Updated by Giovanni Bezicheri over 5 years ago

  • Status changed from ON_QA to TRIAGED
  • Assignee deleted (Giovanni Bezicheri)
  • % Done changed from 70 to 20

Not verified: a blank object is listed in rule sources/destinations.

db networks printjson:
[{"props":{"bootproto":"static","gateway":"192.168.56.1","device":"eth0","hwaddr":"08:00:27:B1:43:BB","onboot":"yes","netmask":"255.255.255.0","role":"green","ipaddr":"192.168.56.7"},"name":"eth0","type":"ethernet"},{"props":{"bootproto":"dhcp","hwaddr":"08:00:27:f3:74:21","role":"red"},"name":"eth1","type":"ethernet"},{"props":{"hwaddr":"08:00:27:50:b4:2b","role":""},"name":"eth2","type":"ethernet"},{"props":{"Network":"192.168.12.0/24","Description":"zona"},"name":"zona","type":"zone"}]

#8 Updated by Giacomo Sanchietti over 5 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Giacomo Sanchietti
  • % Done changed from 20 to 30

#9 Updated by Giacomo Sanchietti over 5 years ago

  • Status changed from ON_DEV to MODIFIED
  • % Done changed from 30 to 60

#10 Updated by Giacomo Sanchietti over 5 years ago

  • Status changed from MODIFIED to ON_QA
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 60 to 70
Packages in nethserver-testing:
  • nethserver-firewall-base-1.1.0-69.0git8b447095.ns6.noarch.rpm

To install this specific package version:

yum install yum-versionlock -y
yum --enablerepo=nethserver-testing  install nethserver-firewall-base-1.1.0-69.0git8b447095.ns6

Repeat previous test case.

#11 Updated by Davide Principi over 5 years ago

Rebuilt RPM with merge from branches b2774 and b2776.

In nethserver-testing:
nethserver-firewall-base-1.1.0-96.0git6f85adb5.ns6.noarch.rpm
nethserver-firewall-base-1.1.0-97.0git3def7d4e.ns6.noarch.rpm
nethserver-firewall-base-1.1.0-97.0git60f1df33.ns6.noarch.rpm

#12 Updated by Davide Principi about 5 years ago

  • Assignee set to Davide Principi

#13 Updated by Davide Principi about 5 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (Davide Principi)
  • % Done changed from 70 to 90

VERIFIED

Created an orange VLAN: listed.

nethserver-firewall-base-1.1.0-100.0git8f017215.ns6.noarch

#14 Updated by Davide Principi about 5 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100

In nethserver-updates:
nethserver-firewall-base-2.0.0-1.ns6.noarch.rpm

Also available in: Atom PDF