Rules specifying a deleted interface skipped
| Priority: | Very Low | Due date: | |
| Affected version: | 2.0 | Affected Architecture: | |
(updated to reflect status in 2.0, and moved from cvstrac)
When an interface is deleted, any rules referencing that interface's subnet or address are skipped. This has the potential to either firewall things that shouldn't be, or allow traffic the administrator doesn't want. Given the subnet is deleted, that isn't likely.
Ideally, the affected rules should be disabled when an interface is deleted, and the user warned that rules referencing the deleted interface have been disabled. As is, they're left there and the field that used to reference the deleted interface is blank on firewall_rules.php. If you edit the rule, it forces you to change the field that used to reference the deleted interface before saving, so this is much better than 1.2.x.
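
An offline check for the condition described in this ticket, as an added example that is not pfSense code and not part of the original report: it scans a configuration backup for rules that still name an interface that is no longer defined. The XML layout, the `ip` suffix for an interface address, the `SPECIAL_NETWORKS` keywords and the function name are assumptions modeled on a pfSense-style config.xml; the sample config is constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample (assumed layout): opt1 was deleted from <interfaces>,
# but three rules still refer to it.
SAMPLE_CONFIG = """
<pfsense>
  <interfaces><wan/><lan/></interfaces>
  <filter>
    <rule><descr>LAN out</descr><interface>lan</interface>
      <source><network>lan</network></source><destination><any/></destination></rule>
    <rule><descr>DMZ to LAN block</descr><interface>lan</interface>
      <source><network>opt1</network></source>
      <destination><network>lan</network></destination></rule>
    <rule><descr>Mgmt to DMZ address</descr><interface>lan</interface>
      <source><network>lan</network></source>
      <destination><network>opt1ip</network></destination></rule>
    <rule><descr>Orphaned tab</descr><interface>opt1</interface>
      <source><any/></source><destination><any/></destination></rule>
  </filter>
</pfsense>
"""

# Assumed keywords that are valid in <network> without being interface names.
SPECIAL_NETWORKS = {"pptp", "pppoe", "l2tp"}


def find_dangling_rules(config_xml, special=SPECIAL_NETWORKS):
    """Return (rule index, description, field, value) for every rule field
    that names an interface missing from <interfaces>."""
    root = ET.fromstring(config_xml)
    defined = {child.tag for child in root.find("interfaces")}
    findings = []
    for index, rule in enumerate(root.findall("filter/rule")):
        refs = [("interface", rule.findtext("interface"))]
        for side in ("source", "destination"):
            refs.append((side, rule.findtext(f"{side}/network")))
        for field, value in refs:
            if not value or value in special:
                continue  # "any", a literal address, or a non-interface keyword
            # "opt1ip" is taken to mean "address of opt1": strip the suffix.
            name = value[:-2] if value.endswith("ip") and value not in defined else value
            if name not in defined:
                findings.append((index, rule.findtext("descr", ""), field, value))
    return findings


if __name__ == "__main__":
    for index, descr, field, value in find_dangling_rules(SAMPLE_CONFIG):
        print(f"rule {index} ({descr}): {field} references missing interface '{value}'")
```

Each finding is a rule to disable or correct by hand before the next filter reload, which is the behaviour the ticket asks the GUI to provide on interface deletion.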