Additional comment field on firewall rules

Home Page Forums Network Management Request a new feature Additional comment field on firewall rules

This topic contains 5 replies, has 0 voices, and was last updated by  Aileron 7 years, 7 months ago.

Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • #41711

    Aileron
    Member

    Hi!

    My list of firewall rules is getting more and more complex. After some time I can’t remember why I had added a particular rule. Therefore, it would make sense to be able to add a short description to each rule so that one can keep track of why rules were added.

    Anyway, thx to Fulvio for his work on that great project!

    #48208

    aseques
    Member

    Just found a way to add comments to the rules (at least meanwhile there’s nothing better)
    http://www.zeroshell.net/eng/forum/viewtopic.php?t=1577

    #48209

    Aileron
    Member

    A couple of days ago I upgraded to beta14. Still, when working with the firewall configuration, I am missing the comment field… I did use the comment-feature with iptables before, but still I believe a comment field in the iptables (and/or QoS) dialog would be quite an improvement. When opening port 29529 for some reason most likely I can’t remember a year later what the reason for that was…

    #48210

    Anonymous
    Member

    Removed

    #48211

    on
    Member

    @aileron wrote:

    Hi!

    My list of firewall rules is getting more and more complex. After some time I can’t remember why I had added a particular rule. Therefore, it would make sense to be able to add a short description to each rule so that one can keep track of why rules were added.

    Anyway, thx to Fulvio for his work on that great project!

    Hi,

    I totally support that idea, I have nearly 1000 lines in my ipfilter config, I would be dead without comments.

    I also totally agree on the compliment 🙂

    Olivier

    #48212

    AtroposX
    Member

    I agree to add comments-capability. Makes sense when having hundreds to thousands of rules. It’s one thing to be the only admin, but another to have multiples and everyone having their hands on changes and no comments on the rules.

    #48213

    on
    Member

    @atroposx wrote:

    I agree to add comments-capability. Makes sense when having hundreds to thousands of rules. It’s one thing to be the only admin, but another to have multiples and everyone having their hands on changes and no comments on the rules.

    In fact, the ability to put comments exists in the options:

    -m comment — comment

    But it is tedious to type, and because it cannot have space, you need to be careful.

    So basically, it is only an input string that will be coded as /* comment */ in the rule.

    Best regards,

    Olivier

Viewing 7 posts - 1 through 7 (of 7 total)

You must be logged in to reply to this topic.