Add directory support for before.rules and after.rules
Bug #910324 reported by
Marcus
This bug affects 3 people
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| ufw |
Triaged
|
Wishlist
|
Unassigned | ||
Bug Description
It would be nice if ufw could support using a before.rules.d/* and after.rules.d/* definition using multiple files. This would make it easier to manage rule sets for systems and different system types without having to merge them with the local rule settings and would allow to manage rules more easily in version control systems like bzr or git.
| Changed in ufw: | |
| importance: | Undecided → Wishlist |
| status: | New → Triaged |
Revision history for this message
| Hadmut Danisch (hadmut) wrote | #1 |
To post a comment you must log in.
Well, I've simulated this by putting
case "$1" in
start)
if [ -d /etc/ufw/before.d ]; then
# --exit-on-error
fi
;;
...
into before.init, which works, but breaks updating since this is a file of the ufw package. To get this really effective, it would have to be defined as a standard, making package maintainers to put their scripts into these directories.
Since ufw supports only a subset of iptables, this is needed to implement functions not covered by ufw, e.g. ipset.