Public bug reported:
Hi,
ufw makes it difficult to deploy firewall rules through management
systems like puppet, ansible or other scripts.
ufw has three points where to put rules in:
before.rules
user.rules
after.rules
the ufw command accepts only a very limited sort of rules, and user.rules
should not be used to deploy files, since user changes would be overwritten.
before.rules and after.rules could easily be used for that purpose, but
then the machine is cut from automated updates through apt, since apt
refuses (for good reason) to replace modified files in /etc.
It would be much better to have a directory like /etc/ufw/rules_v4.d ,
to put the old-fashioned three files into 20_before, 50_user and
70_after, and to execute all rules in this directory, thus allowing to
have additional rules in separate files.
regards
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: ufw 0.35-0ubuntu2
ProcVersionSignature: Ubuntu 4.4.0-59.80-generic 4.4.35
Uname: Linux 4.4.0-59-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.4
Architecture: amd64
CurrentDesktop: LXDE
Date: Sat Jan 28 16:21:02 2017
PackageArchitecture: all
SourcePackage: ufw
UpgradeStatus: Upgraded to xenial on 2016-04-06 (297 days ago)
** Affects: ufw (Ubuntu)
Importance: Undecided
Status: New
** Tags: amd64 apport-bug xenial
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1660040
Title:
old-fashioned ufw structure reduces usability
Status in ufw package in Ubuntu:
New
Bug description:
Hi,
ufw makes it difficult to deploy firewall rules through management
systems like puppet, ansible or other scripts.
ufw has three points where to put rules in:
before.rules
user.rules
after.rules
the ufw command accepts only a very limited sort of rules, and user.rules
should not be used to deploy files, since user changes would be overwritten.
before.rules and after.rules could easily be used for that purpose,
but then the machine is cut from automated updates through apt, since
apt refuses (for good reason) to replace modified files in /etc.
It would be much better to have a directory like /etc/ufw/rules_v4.d ,
to put the old-fashioned three files into 20_before, 50_user and
70_after, and to execute all rules in this directory, thus allowing to
have additional rules in separate files.
regards
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: ufw 0.35-0ubuntu2
ProcVersionSignature: Ubuntu 4.4.0-59.80-generic 4.4.35
Uname: Linux 4.4.0-59-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.4
Architecture: amd64
CurrentDesktop: LXDE
Date: Sat Jan 28 16:21:02 2017
PackageArchitecture: all
SourcePackage: ufw
UpgradeStatus: Upgraded to xenial on 2016-04-06 (297 days ago)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1660040/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
