Page MenuHomeVyOS Platform
Create Task
Maniphest T59

Inspect action still exists in firewall and should be removed
Closed, ResolvedPublicBUG
Actions

Description

# set firewall name Foo rule 10 action 
Possible completions:
   drop         Rule action to drop
   reject       Rule action to reject
   accept       Rule action to accept
   inspect      Rule action to inspect

The inspect action was for the IPS/IDS (Snort), which is long gone. It's confusing at best, and possibly network breaking because it looks benign, but its real effect in the current system is "drop all traffic".
Until we figure out how to get the IPS functionality back, it should not be there.

Details

Difficulty level
Easy (less than an hour)

Event Timeline

dmbaturin created this task.May 4 2016, 12:47 PM
mickvav added a subscriber: mickvav.May 4 2016, 3:09 PM

Did you run into some trouble with snort? Are there any discussion on this topic somewhere?

N.B. May be just change the code to do '-j LOG' on this action, if snort is not an option?

syncer added a project: VyOS 1.2 Crux.Jun 10 2018, 4:35 AM
syncer added subscribers: Maintainers, Active contributors.
syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc4); removed VyOS 1.2 Crux.Oct 13 2018, 10:09 AM
syncer assigned this task to hagbard.Oct 20 2018, 4:35 AM
syncer changed the subtype of this task from "Task" to "Bug".Oct 20 2018, 4:51 AM
syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc5); removed VyOS 1.2 Crux (VyOS 1.2.0-rc4).Oct 24 2018, 4:40 PM
hagbard added a comment.Oct 26 2018, 7:07 PM

https://github.com/vyos/vyatta-cfg-firewall/commit/d4799d1715fc3177b84d66af406fa3028a95d254
pkg checked out ok in ci, tested and verified locally in 1.2.0-rolling+201810211757.

hagbard closed this task as Resolved.Oct 26 2018, 7:07 PM
syncer added a project: VyOS-1.2.0-GA.Oct 26 2018, 7:11 PM
syncer moved this task from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.0-rc5) board.
pasik added a subscriber: pasik.Oct 31 2018, 7:47 AM