| 2017-09-24 20:37:19 |
les |
bug |
|
|
added bug |
| 2017-09-28 11:39:56 |
Jamie Strandboge |
ufw (Ubuntu): importance |
Undecided |
Medium |
|
| 2017-09-28 11:39:56 |
Jamie Strandboge |
ufw (Ubuntu): status |
New |
Triaged |
|
| 2017-09-28 11:39:56 |
Jamie Strandboge |
ufw (Ubuntu): assignee |
|
Jamie Strandboge (jdstrand) |
|
| 2017-09-28 12:05:10 |
Jamie Strandboge |
ufw (Ubuntu): status |
Triaged |
In Progress |
|
| 2018-12-14 15:21:33 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Disco |
|
| 2018-12-14 15:21:33 |
Jamie Strandboge |
bug task added |
|
ufw (Ubuntu Disco) |
|
| 2018-12-14 15:21:33 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Cosmic |
|
| 2018-12-14 15:21:33 |
Jamie Strandboge |
bug task added |
|
ufw (Ubuntu Cosmic) |
|
| 2018-12-14 15:21:33 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Bionic |
|
| 2018-12-14 15:21:33 |
Jamie Strandboge |
bug task added |
|
ufw (Ubuntu Bionic) |
|
| 2018-12-14 15:21:39 |
Jamie Strandboge |
ufw (Ubuntu Cosmic): status |
New |
Triaged |
|
| 2018-12-14 15:21:41 |
Jamie Strandboge |
ufw (Ubuntu Bionic): status |
New |
Triaged |
|
| 2018-12-14 15:21:43 |
Jamie Strandboge |
ufw (Ubuntu Bionic): importance |
Undecided |
Medium |
|
| 2018-12-14 15:21:45 |
Jamie Strandboge |
ufw (Ubuntu Cosmic): importance |
Undecided |
Medium |
|
| 2018-12-14 15:21:47 |
Jamie Strandboge |
ufw (Ubuntu Bionic): assignee |
|
Jamie Strandboge (jdstrand) |
|
| 2018-12-14 15:21:49 |
Jamie Strandboge |
ufw (Ubuntu Cosmic): assignee |
|
Jamie Strandboge (jdstrand) |
|
| 2018-12-27 12:41:49 |
Launchpad Janitor |
ufw (Ubuntu Disco): status |
In Progress |
Fix Released |
|
| 2019-01-09 21:50:15 |
Jamie Strandboge |
description |
Is there a reason to restrict interface's name in ufw?
Should ufw accept what iptables accept as iface name?
I've a vpn with lot of nodes, its iface name contain a '-' so cannot use ufw on it.
I've found the check here and cannot found a reason for it:
http://bazaar.launchpad.net/~jdstrand/ufw/trunk/view/head:/src/common.py#L300
thanks |
[Impact]
ufw's interface name's or both too strict (this bug) and too loose (iptables has its own limits). Adjust the interface name checks to match those of the kernel.
[Test Case]
$ sudo ufw --dry-run allow in on i-1|grep i-1
### tuple ### allow any any 0.0.0.0/0 any 0.0.0.0/0 in_i-1
-A ufw-user-input -i i-1 -j ACCEPT
### tuple ### allow any any ::/0 any ::/0 in_i-1
-A ufw6-user-input -i i-1 -j ACCEPT
With an unpatched ufw, the above results in:
$ sudo ufw --dry-run allow in on i-1|grep i-1
ERROR: Bad interface name
[Regression Potential]
Risk of regression is considered low since the updated allow more than what is currently allowed, but not more than what iptables allows. See:
https://git.launchpad.net/ufw/tree/src/common.py?h=release/0.36#n295
= Original description =
Is there a reason to restrict interface's name in ufw?
Should ufw accept what iptables accept as iface name?
I've a vpn with lot of nodes, its iface name contain a '-' so cannot use ufw on it.
I've found the check here and cannot found a reason for it:
http://bazaar.launchpad.net/~jdstrand/ufw/trunk/view/head:/src/common.py#L300
thanks |
|
| 2019-01-09 23:16:39 |
Jamie Strandboge |
ufw (Ubuntu Bionic): status |
Triaged |
In Progress |
|
| 2019-01-09 23:16:41 |
Jamie Strandboge |
ufw (Ubuntu Cosmic): status |
Triaged |
In Progress |
|
| 2019-01-09 23:17:56 |
Jamie Strandboge |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2019-03-26 22:33:06 |
Brian Murray |
ufw (Ubuntu Cosmic): status |
In Progress |
Fix Committed |
|
| 2019-03-26 22:33:11 |
Brian Murray |
bug |
|
|
added subscriber SRU Verification |
| 2019-03-26 22:33:14 |
Brian Murray |
tags |
|
verification-needed verification-needed-cosmic |
|
| 2019-03-26 22:37:50 |
Brian Murray |
ufw (Ubuntu Bionic): status |
In Progress |
Fix Committed |
|
| 2019-03-26 22:37:57 |
Brian Murray |
tags |
verification-needed verification-needed-cosmic |
verification-needed verification-needed-bionic verification-needed-cosmic |
|
| 2019-03-28 11:08:16 |
Jamie Strandboge |
tags |
verification-needed verification-needed-bionic verification-needed-cosmic |
verification-done verification-done-bionic verification-done-cosmic |
|
| 2019-04-03 13:46:47 |
Launchpad Janitor |
ufw (Ubuntu Cosmic): status |
Fix Committed |
Fix Released |
|
| 2019-04-03 13:47:05 |
Robie Basak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2019-04-03 13:47:28 |
Launchpad Janitor |
ufw (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
