Ticket #839 (confirmed bug)
Firewall not working in bridge mode
|Reported by:||matthijs||Owned by:||john.crispin@…|
When in bridge mode, the (wan) firewall settings are not working. Every port is open by default, since there is no separate WAN zone anymore. There are still rules generated in the input_daemon chain, but those point to zone_wan_ACCEPT and zone_wan_REJECT which are empty.
Additionally, the SSH hammering protection stops working in bridge mode.
All of this is sort of expected, but it would be nice if we could still distinguish a WAN zone in bridge mode, for example by matching the LAN ip subnet into the LAN zone and putting all of the other addresses in the WAN zone.