Project

General

Profile

Actions

Todo #13505

closed

Correct DHCP client rule descriptions in the generated firewall ruleset

Added by Steve Wheeler about 2 years ago. Updated about 2 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Rules / NAT
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
23.01
Release Notes:
Default

Description

Rules automatically added for interfaces running as dhcp clients allow traffic out and replies back in.
However both rules are given the same label "allow dhcp client out $interface" confusingly implying outbound traffic.
In the situation that there are other DHCP clients on the WAN that traffic can be passed in and is unexpectedly logged inbound with the description 'out'.

Suggest using "allow dhcp replies in" for the inbound rule

Actions #3

Updated by Christian McDonald about 2 years ago

  • Status changed from New to Feedback
  • Assignee set to Steve Wheeler
Actions #4

Updated by Alhusein Zawi about 2 years ago

  • Status changed from Feedback to Resolved

added

pass in quick on $WAN proto udp from any port = 67 to any port = 68 ridentifier 1000000461 label "allow dhcp replies in WAN"
pass out quick on $WAN proto udp from any port = 68 to any port = 67 ridentifier 1000000462 label "allow dhcp client out WAN"

2.7.0-DEVELOPMENT (amd64)
built on Fri Sep 30 20:10:57 UTC 2022

Actions #5

Updated by Jim Pingle about 2 years ago

  • Target version changed from CE-Next to 2.7.0
  • Plus Target Version changed from Plus-Next to 23.01
Actions #6

Updated by Jim Pingle about 2 years ago

  • Subject changed from Clarify dhcp client rule description to Correct DHCP client rule descriptions in the generated firewall ruleset

Updating subject for release notes.

Actions #7

Updated by Jim Pingle about 2 years ago

  • Tracker changed from Feature to Todo
Actions

Also available in: Atom PDF