Opened 8 years ago

Last modified 5 years ago

#839 confirmed bug

Firewall not working in bridge mode

Reported by: matthijs Owned by: john.crispin@…
Priority: normal Milestone:
Component: fon-network Version: (Gari)
Severity: major
Cc: giuseppeg88@… Hardware: 2.0n (FON2300)


When in bridge mode, the (wan) firewall settings are not working. Every port is open by default, since there is no separate WAN zone anymore. There are still rules generated in the input_daemon chain, but those point to zone_wan_ACCEPT and zone_wan_REJECT which are empty.

Additionally, the SSH hammering protection stops working in bridge mode.

All of this is sort of expected, but it would be nice if we could still distinguish a WAN zone in bridge mode, for example by matching the LAN ip subnet into the LAN zone and putting all of the other addresses in the WAN zone.

Attachments (0)

Change History (2)

comment:1 Changed 8 years ago by matthijs

  • Status changed from new to confirmed

comment:2 Changed 5 years ago by matthijs

When we fix this, we should make it easy to somehow get back to the old behaviour: Add a "disable firewall" checkbox in the internet settings in bridge mode, or something like that.

Add Comment

Modify Ticket

as confirmed The owner will remain john.crispin@….

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.