Ticket #839 (confirmed bug)

Opened 3 years ago

Last modified 5 months ago

Firewall not working in bridge mode

Reported by: matthijs Owned by: john.crispin@…
Priority: normal Milestone:
Component: fon-network Version: 2.3.6.0 (Gari)
Severity: major
Cc: giuseppeg88@… Hardware: 2.0n (FON2300)

Description

When in bridge mode, the (wan) firewall settings are not working. Every port is open by default, since there is no separate WAN zone anymore. There are still rules generated in the input_daemon chain, but those point to zone_wan_ACCEPT and zone_wan_REJECT which are empty.

Additionally, the SSH hammering protection stops working in bridge mode.

All of this is sort of expected, but it would be nice if we could still distinguish a WAN zone in bridge mode, for example by matching the LAN ip subnet into the LAN zone and putting all of the other addresses in the WAN zone.

Attachments

Change History

Changed 3 years ago by matthijs

  • status changed from new to confirmed

Changed 5 months ago by matthijs

When we fix this, we should make it easy to somehow get back to the old behaviour: Add a "disable firewall" checkbox in the internet settings in bridge mode, or something like that.

Add/Change #839 (Firewall not working in bridge mode)

Author


E-mail address and user name can be saved in the Preferences.


Action
as confirmed
 
Note: See TracTickets for help on using tickets.