Todo #13505
closedCorrect DHCP client rule descriptions in the generated firewall ruleset
0%
Description
Rules automatically added for interfaces running as dhcp clients allow traffic out and replies back in.
However both rules are given the same label "allow dhcp client out $interface" confusingly implying outbound traffic.
In the situation that there are other DHCP clients on the WAN that traffic can be passed in and is unexpectedly logged inbound with the description 'out'.
Suggest using "allow dhcp replies in" for the inbound rule
Updated by Steve Wheeler about 2 years ago
Updated by Steve Wheeler about 2 years ago
Updated by Christian McDonald about 2 years ago
- Status changed from New to Feedback
- Assignee set to Steve Wheeler
Updated by Alhusein Zawi about 2 years ago
- Status changed from Feedback to Resolved
added
pass in quick on $WAN proto udp from any port = 67 to any port = 68 ridentifier 1000000461 label "allow dhcp replies in WAN"
pass out quick on $WAN proto udp from any port = 68 to any port = 67 ridentifier 1000000462 label "allow dhcp client out WAN"
2.7.0-DEVELOPMENT (amd64)
built on Fri Sep 30 20:10:57 UTC 2022
Updated by Jim Pingle about 2 years ago
- Target version changed from CE-Next to 2.7.0
- Plus Target Version changed from Plus-Next to 23.01
Updated by Jim Pingle about 2 years ago
- Subject changed from Clarify dhcp client rule description to Correct DHCP client rule descriptions in the generated firewall ruleset
Updating subject for release notes.