"delete" should accept multiple parameters
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ufw |
Triaged
|
Wishlist
|
Unassigned |
Bug Description
TLDR: ufw delete should accept more than one "NUM" parameter to improve UX.
Long:
When using ipv6, each ufw use such as "ufw allow https" creates two distinct firewall rules, one for ipv4 and one for ipv6.
When the user wants to remove a firewall rule set this way, he/she needs to call "ufw status numbered" and then delete both rules, one by one. Example output of "ufw status numbered":
-------
To Action From
-- ------ ----
[ 1] 22/tcp LIMIT IN Anywhere
[ 2] 80/tcp ALLOW IN Anywhere
[ 3] 443/tcp ALLOW IN Anywhere
[ 4] 22/tcp (v6) LIMIT IN Anywhere (v6)
[ 5] 80/tcp (v6) ALLOW IN Anywhere (v6)
[ 6] 443/tcp (v6) ALLOW IN Anywhere (v6)
-------
If user wants to get rid of HTTP rule, two commands need to be run: "ufw delete 2" and "ufw delete 5".
But after successful run of "ufw delete 2", the whole output of "ufw status numbered" changes:
-------
To Action From
-- ------ ----
[ 1] 22/tcp LIMIT IN Anywhere
[ 2] 443/tcp ALLOW IN Anywhere
[ 3] 22/tcp (v6) LIMIT IN Anywhere (v6)
[ 4] 80/tcp (v6) ALLOW IN Anywhere (v6)
[ 5] 443/tcp (v6) ALLOW IN Anywhere (v6)
-------
.. and now "ufw delete 5" will delete the ipv6 HTTPS (443) rule instead of the ipv6 HTTP (80) rule - which might not be intended by the user. Ooops!
In my eyes this is a UX problem insofar that it's very easy for the user to accidently remove the wrong rules.
As UFW aims to improve firewall UX, I propose that we add a way to allow the user to remove both rules at the same time, such as:
"ufw delete 2 5"
This would streamline the UX, because:
- no second call to "ufw status numbered" is needed for the user
- the chance of operator errors is reduced
I'm happy to create a PR for this if the concensus is that we should add this feature.