Bug #3210

Blocked firewall policy is too restrictive

Added by Filippo Carletti about 6 years ago. Updated about 6 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-firewall-base
Target version:v6.6
Security class: Resolution:
Affected version:v6.6 NEEDINFO:No

Description

The manual (http://docs.nethserver.org/en/latest/firewall.html#policy) says that traffic from the lan to the internet is not permitted when the policy is set to blocked.
However, the firewall itself needs to connect to the net to receive updates, but when the policy is "Blocked" also the firewall is blocked.

Associated revisions

Revision 6697fc8c
Added by Filippo Carletti about 6 years ago

shorewall: fix fw2net policy in Blocked mode. Refs #3210

History

#1 Updated by Filippo Carletti about 6 years ago

  • Status changed from NEW to TRIAGED
  • % Done changed from 0 to 20

It seems a typo in the shorewall policy template file.

#2 Updated by Filippo Carletti about 6 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Filippo Carletti
  • % Done changed from 20 to 30

#3 Updated by Filippo Carletti about 6 years ago

  • Status changed from ON_DEV to MODIFIED
  • Assignee deleted (Filippo Carletti)
  • % Done changed from 30 to 60

#4 Updated by Giacomo Sanchietti about 6 years ago

  • Target version set to v6.6

#5 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from MODIFIED to ON_QA
  • % Done changed from 60 to 70
Package in nethserver-testing:
  • nethserver-firewall-base-2.6.3-1.5.g6697fc8.ns6.noarch.rpm
Test case
  • Check the bug is not reproducible

#6 Updated by Nicola Rauso about 6 years ago

  • Assignee set to Nicola Rauso

#7 Updated by Nicola Rauso about 6 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (Nicola Rauso)
  • % Done changed from 70 to 90
Package in nethserver-testing:
  • nethserver-firewall-base-2.6.3-1.5.g6697fc8.ns6.noarch.rpm
Test case
  • Check the bug is not reproducible

Tested: OK

#8 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100
Released in nethserver-updates:
  • nethserver-firewall-base-2.6.4-1.ns6.noarch.rpm

Also available in: Atom PDF