Bug #3052
VPN: missing firewall policy
Status: | CLOSED | Start date: | ||
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | - | % Done: | 100% | |
Category: | <multiple packages> | |||
Target version: | v6.6 | |||
Security class: | Resolution: | |||
Affected version: | v6.5 | NEEDINFO: | No |
Description
Following policies are missing for ivpn and ovpn zones:
- ivpn to firewall (
ivpn $FW ACCEPT
) - ivpn to blue and orange
- ovpn to blue and orange
Associated revisions
shorewall: add policy for built-in zones. Refs #3052
shorewall: add missing ivpn2fw policy. Refs #3052
shorewall: add policy for built-in zones. Refs #3052
History
#1 Updated by Giacomo Sanchietti over 6 years ago
- Category set to <multiple packages>
- Status changed from NEW to TRIAGED
- Target version set to v6.6
- % Done changed from 0 to 20
- Affected version set to v6.5
#2 Updated by Giacomo Sanchietti over 6 years ago
- Status changed from TRIAGED to ON_DEV
- Assignee set to Giacomo Sanchietti
- % Done changed from 20 to 30
#3 Updated by Giacomo Sanchietti over 6 years ago
- Status changed from ON_DEV to MODIFIED
- Assignee deleted (
Giacomo Sanchietti) - % Done changed from 30 to 60
#4 Updated by Giacomo Sanchietti over 6 years ago
- Status changed from MODIFIED to ON_QA
- % Done changed from 60 to 70
Packages in nethserver-testing:
- nethserver-openvpn-1.1.2-1.9.gac620ff.ns6.noarch.rpm
- nethserver-ipsec-1.0.2-1.4.g66dbee5.ns6.noarch.rpm
- Check the following rule is present in
/etc/shorewall/policy
ivpn $FW ACCEPT
- Configure an interface in blue zone
- Check corresponding policies for ivpn, lvpn and ovpn zones are created
- Configure an interface in orange zone
- Check corresponding policies for ivpn, lvpn and ovpn zones are created
#5 Updated by Davide Marini over 6 years ago
- Status changed from ON_QA to VERIFIED
- % Done changed from 70 to 90
#6 Updated by Giacomo Sanchietti over 6 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
Released in nethserver-base:
- nethserver-openvpn-1.2.0-1.ns6.noarch.rpm
- nethserver-ipsec-1.0.3-1.ns6.noarch.rpm