Bug #3324

« Previous | Next »

Invalid firewall rules after deleting host object

Added by Giacomo Sanchietti over 5 years ago. Updated over 5 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:<multiple packages>
Target version:v6.7
Security class: Resolution:
Affected version:v6.7 NEEDINFO:No

Description

If a host created inside the DNS or DHCP page is referenced in a firewall rule, and the rule is deleted, the firewall configuration breaks with an error:

ERROR: Missing source zone /etc/shorewall/rules (line 107)

Steps to reproduce:
1. create an host from the DNS page
2. create a firewall rule with the above host
3. delete the host
4. see the error

Expected behavior
The web interface should raise an error and block the delete action.

Associated revisions

Revision 6dd6e34c
Added by Giacomo Sanchietti over 5 years ago

Web UI: use new host-delete validator. Refs #3324

History

#1 Updated by Giacomo Sanchietti over 5 years ago

  • Status changed from NEW to TRIAGED
  • Target version set to v6.7
  • % Done changed from 0 to 20

#2 Updated by Giacomo Sanchietti over 5 years ago

  • Category changed from nethserver-firewall-base to nethserver-hosts

#3 Updated by Giacomo Sanchietti over 5 years ago

  • Category changed from nethserver-hosts to <multiple packages>
  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Giacomo Sanchietti
  • % Done changed from 20 to 30
The bug affects following rpms:
  • nethserver-hosts
  • nethserver-dnsmasq

#4 Updated by Giacomo Sanchietti over 5 years ago

  • Status changed from ON_DEV to MODIFIED
  • % Done changed from 30 to 60

#5 Updated by Giacomo Sanchietti over 5 years ago

  • Status changed from MODIFIED to ON_QA
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 60 to 70
Package in nethserver-testing:
  • nethserver-hosts-1.1.2-1.3.g9b5ae99.ns6.noarch.rpm
  • nethserver-dnsmasq-1.5.4-1.1.g6dd6e34.ns6.noarch.rpm
Test case
  • Check the bug is not reproducible

#6 Updated by Adam P over 5 years ago

  • Assignee set to Adam P

#7 Updated by Adam P over 5 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (Adam P)
  • % Done changed from 70 to 90

System and Package Version installed
VMware ESXi 5.1 VM - Nethserver 6.7 fully updated
Packages Installed:
nethserver-hosts-1.1.2-1.ns6
nethserver-dnsmasq-1.5.4-1.ns6
Other Packages installed: Bandwidth monitor,Basic firewall,DNS and DHCP server,Intrusion Prevention

Test Original Problem
Bug confirmed, deleting the host displays the following error and leaves an invalid rule:
Task completed with errors
Configuring shorewall #29 (exit status 1)
ERROR: Missing source zone /etc/shorewall/rules (line 109)

Install Updated Packages
yum update --enablerepo=nethserver-testing nethserver-hosts-1.1.2-1.3.g9b5ae99.ns6.noarch
yum update --enablerepo=nethserver-testing nethserver-dnsmasq-1.5.4-1.1.g6dd6e34.ns6.noarch

Test Results after install
Test case 1:
Created host and created firewall rule. Deleted the host and the following error was displayed and the host remained:
Host
Could not delete test-host.localdomain. The host is used by firewall rules.

Verified or Reopen
Verified

#8 Updated by Giacomo Sanchietti over 5 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100
Released in nethserver-updates:
  • nethserver-hosts-1.1.3-1.ns6.noarch.rpm
  • nethserver-dnsmasq-1.5.5-1.ns6.noarch.rpm

Also available in: Atom PDF