[FS#640] Undocumented / unnamed firewall rules installed by default
LEDE Bugs
lede-bugs at lists.infradead.org
Wed Mar 22 07:18:14 PDT 2017
The following task has a new comment added:
FS#640 - Undocumented / unnamed firewall rules installed by default
User who did this - Michael Jones (jonesmz)
----------
Since you marked this bug report as "not-a-bug", I take it that you consider it desirable for default configuration files to show up with blank name in LUCI?
Perhaps I should submit a patch to the mailing list that removes the lines containing
option name 'Allow-DHCP-Renew'
option name 'Allow-Ping'
option name 'Allow-IGMP'
option name 'Allow-DHCPv6'
option name 'Allow-MLD'
option name 'Allow-ICMPv6-Input'
and
option name 'Allow-ICMPv6-Forward'
from /etc/config/firewall
That'll save roughly 160 bytes, give or take.
If you don't want to remove the human readable names from the configuration file, while still making sure they show up as blank in LUCI, we could instead replace them with # style comments above the respective rules.
If you wouldn't be willing to merge that, why not? It'll make all the other default installed rules match the rules I'm complaining about in this bug report.
Please reopen this bug report. You missed the point.
LUCI displays no information to the user about the firewall rule for the ESP protocol, and no information to the user about UDP port 500. The configuration file and/or git commit history isn't sufficent, as that information isn't accessible to a user via LUCI,
----------
More information can be found at the following URL:
https://bugs.lede-project.org/index.php?do=details&task_id=640#comment2207
More information about the lede-bugs
mailing list