Bug 1391276

Summary: RFE: Add an ID and name for rich and direct rules
Product: [Fedora] Fedora Reporter: Peter Tselios <tselios.petros>
Component: firewalldAssignee: Eric Garver <egarver>
Status: NEW --- QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: twoerner
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Peter Tselios 2016-11-02 22:37:43 UTC
Feature Request

Description of problem:
When we create a rich rule, the only way to manipulate them is by writing the whole rich rule. 
For example, we have a rule that allows connection to port 3128 for a specific IP.
If we want to check for it's presence we need to search for the specific rule. 
Removing the rule again requires to write the complete rich rule. 

Version-Release number of selected component (if applicable):
All

How reproducible:
firewall-cmd --add-rich-rule='rule family=ipv4 source address=192.168.1.18 port protocol=tcp port=3128 accept'

Actual results:
To remove the rule we need to write the rule again. 

Expected results:


What I propose is to add an extra argument, name or id. 
So, the command will be 
firewall-cmd --add-rich-rule='name=proxy-28 rule family=ipv4 source address=192.168.1.18 port protocol=tcp port=3128 accept'

Then, we would remove the rich rule using the name instead of the whole rule.

Comment 1 Thomas Woerner 2017-02-03 09:39:35 UTC
That is really a nice idea.

Comment 2 Peter Tselios 2017-02-03 09:40:07 UTC
Thank you :)