Bug #3040

It's impossible to add a traffic shaping port in all protocol

Added by Andrea Marchionni over 6 years ago. Updated about 6 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-firewall-base
Target version:v6.6
Security class: Resolution:
Affected version:v6.5 NEEDINFO:No

Description

If I want to add a tcp port in high/medium/low priority in the traffic shaping and after the same port in another protocol, the first configuration is overwritten by the second.
This happens because the key database is the port.

Database configuration after insertion of port 53 udp

db tc show

53=port
Description=DNS
Priority=1
Proto=udp

Database configuration after insertion of port 53 tcp

db tc show

53=port
Description=DNS
Priority=1
Proto=tcp

There is only one entry.

Associated revisions

Revision 8bfee7d0
Added by Giacomo Sanchietti about 6 years ago

Traffic shaping: support rules for tcp and udp protocols. Refs #3040

History

#1 Updated by Filippo Carletti over 6 years ago

  • Target version set to ~FUTURE

#2 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from NEW to TRIAGED
  • Target version changed from ~FUTURE to v6.6
  • % Done changed from 0 to 20

#3 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Giacomo Sanchietti
  • % Done changed from 20 to 30

#4 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from ON_DEV to MODIFIED
  • % Done changed from 30 to 60

#5 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from MODIFIED to ON_QA
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 60 to 70
Package in nethserver-testing:
  • nethserver-firewall-base-2.6.2-1.1.g8bfee7d.ns6.noarch.rpm
Test case
  • Check the bug is not producible

NOTE: update developer manual before release.

#6 Updated by dz0 0te about 6 years ago

  • Assignee set to dz0 0te

#7 Updated by dz0 0te about 6 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (dz0 0te)
  • % Done changed from 70 to 90

System and Package Version installed
VM KVM - Clean install of Nethserver 6.6 fully updated with 2 eth for wan e lan
Package Installed: nethserver-firewall-base-2.6.2-1.ns6.noarch
Other Packages installed: Basic firewall

Test Original Problem
From Traffic Shapinng > Port Rules, created new rule for port 1194 tcp
Then created a new rule on port 1194 udp
With "db tc show" only the latest one is showed

Install Updated Package

yum --enablerepo=nethserver-testing update nethserver-firewall-base-2.6.2-1.1.g8bfee7d.ns6

Test Results after update
There is one rule already created on 1194/udp. Trying to create a new rule on 1194/tcp return this correct alert:

"Destination port
A rule for the same port already exists" 

But now we can edit the existent rule 1194/udp and change protocol to "tcp,udp" and submit it.
"db tc show":
    1194=port
    Description=ovpntest
    Priority=1
    Proto=tcp,udp

Traffic Shapinng > Port Rules, show both protocol enabled for the port 1194
Also the creation of new rule for other ports with both protocols enabled works correctly

Note
Tested only the bugfix for db configuration, not if the traffic shaping works correctly with those value

#8 Updated by Davide Principi about 6 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100

In nethserver-updates:
nethserver-firewall-base-2.6.3-1.ns6.noarch.rpm

Also available in: Atom PDF