Enhancement #2999

« Previous | Next »

Shorewall: allow template-custom for ESTABLISHED and RELATED connection inside rules file

Added by Giacomo Sanchietti over 6 years ago. Updated over 6 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-firewall-base
Target version:v6.5
Resolution: NEEDINFO:No

Description

Actual implementation doesn't allow customization of firewall rules only under NEW section, sections ESTABLISHED and RELATED can't be modified.

Some programs, for example chilli-spot, can need special rules for established connections.
Split the current template to allow this kind of customization.

Associated revisions

Revision ae28d03e
Added by Giacomo Sanchietti over 6 years ago

rules template: split ESTABLISHED/RELATED/NEW sections. Refs #2999

Revision 8c1a9f8c
Added by Giacomo Sanchietti over 6 years ago

Translations: add hotspot label. Refs #2999

History

#1 Updated by Giacomo Sanchietti over 6 years ago

  • Status changed from NEW to TRIAGED
  • Target version set to v6.5
  • % Done changed from 0 to 20

#2 Updated by Giacomo Sanchietti over 6 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Giacomo Sanchietti
  • % Done changed from 20 to 30

#3 Updated by Giacomo Sanchietti over 6 years ago

  • Status changed from ON_DEV to MODIFIED
  • % Done changed from 30 to 60

#4 Updated by Giacomo Sanchietti over 6 years ago

  • Status changed from MODIFIED to ON_QA
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 60 to 70
Package in nethserver-testing:
  • nethserver-firewall-base-2.2.2-1.1gitae28d03.ns6.noarch.rpm
  • nethserver-base-2.5.5-1.0git8c1a9f8c.ns6.noarch.rpm
Test case
  • Try to add a template-custom fragment inside the ESTABLISHED and RELATED rules:
    • for established connections: put the fragment after 10base20established, for example 10base30myrule
    • for related connections: put the fragment after 10base50related, for example 10base60myrule

#5 Updated by Davide Marini over 6 years ago

  • Status changed from ON_QA to VERIFIED
  • % Done changed from 70 to 90

#6 Updated by Giacomo Sanchietti over 6 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100
Released in 6.5/nethserver-updates and 6.6/nethserver-base:
  • nethserver-firewall-base-2.2.3-1.ns6.noarch.rpm

Also available in: Atom PDF