Bug 1391276 - RFE: Add an ID and name for rich and direct rules
Summary: RFE: Add an ID and name for rich and direct rules
Keywords:
Status: NEW
Alias: None
Product: Fedora
Classification: Fedora
Component: firewalld
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Eric Garver
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-11-02 22:37 UTC by Peter Tselios
Modified: 2017-08-17 19:47 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: Bug

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Peter Tselios 2016-11-02 22:37:43 UTC 
Feature Request

Description of problem:
When we create a rich rule, the only way to manipulate them is by writing the whole rich rule. 
For example, we have a rule that allows connection to port 3128 for a specific IP.
If we want to check for it's presence we need to search for the specific rule. 
Removing the rule again requires to write the complete rich rule. 

Version-Release number of selected component (if applicable):
All

How reproducible:
firewall-cmd --add-rich-rule='rule family=ipv4 source address=192.168.1.18 port protocol=tcp port=3128 accept'

Actual results:
To remove the rule we need to write the rule again. 

Expected results:


What I propose is to add an extra argument, name or id. 
So, the command will be 
firewall-cmd --add-rich-rule='name=proxy-28 rule family=ipv4 source address=192.168.1.18 port protocol=tcp port=3128 accept'

Then, we would remove the rich rule using the name instead of the whole rule.
Comment 1 Thomas Woerner 2017-02-03 09:39:35 UTC 
That is really a nice idea.
Comment 2 Peter Tselios 2017-02-03 09:40:07 UTC 
Thank you :)
Note You need to log in before you can comment on or make changes to this bug.