← Back to team overview

gufw-developers team mailing list archive

  1. gufw-developers team
  2. Mailing list archive
  3. Message #01981

[Bug 1572973] Re: [Enhancement] Gufw/ufw could be linked to iptables-persistent or include extensions

  Thread PreviousDate PreviousThread Next 
** Description changed:

  Hello,
  
  I've just installed iptables-persistent package so that my user-defined
  iptables rules are reloaded at each reboot.
  
- Some rules cannot be defined with Gufw/ufw, such as for instance "sudo iptables -I OUTPUT -m geoip --dst-cc <country-code> -j ACCEPT" which uses Xtables-addons. 
- In order to have these manually defined iptables rules reloaded at each reboot, the correct way is to save them in 2 user-defined files such as /etc/iptables/rules.v4 & /etc/iptables/rules.v6 with "sudo iptables-save /etc/iptables/rules.v4" &  "sudo ip6tables-save /etc/iptables/rules.v6", which will be later used by iptables-persistent at each Linux startup.
+ Some rules cannot be defined with Gufw/ufw, such as for instance "sudo iptables -I OUTPUT -m geoip --dst-cc <country-code> -j ACCEPT" which uses Xtables-addons.
+ In order to have these manually defined iptables rules reloaded at each reboot, the correct way is to save them in 2 user-defined files such as /etc/iptables/rules.v4 & /etc/iptables/rules.v6 with "sudo iptables-save > /etc/iptables/rules.v4" &  "sudo ip6tables-save > /etc/iptables/rules.v6", which will be later used by iptables-persistent at each Linux startup.
  However, any change done in Gufw is subsequently lost unless a manual call to save all the rules is made each time.
  
  So I propose 2 options to enhance Gufw:
  * include in Gufw settings the possibility to define the path to iptables-persistent configuration, so that each time the user changes a rule in Gufw, it is saved there, otherwise it will be lost,
  * or enhance Gufw with the possibility to use extensions such as Xtables-addons, which would prevent us from having to manipulate the iptables & install iptables-persistent package.
  
  Your call...

-- 
You received this bug notification because you are a member of Gufw
Developers, which is subscribed to Gufw.
https://bugs.launchpad.net/bugs/1572973

Title:
  [Enhancement] Gufw/ufw could be linked to iptables-persistent or
  include extensions

Status in Gufw:
  New

Bug description:
  Hello,

  I've just installed iptables-persistent package so that my user-
  defined iptables rules are reloaded at each reboot.

  Some rules cannot be defined with Gufw/ufw, such as for instance "sudo iptables -I OUTPUT -m geoip --dst-cc <country-code> -j ACCEPT" which uses Xtables-addons.
  In order to have these manually defined iptables rules reloaded at each reboot, the correct way is to save them in 2 user-defined files such as /etc/iptables/rules.v4 & /etc/iptables/rules.v6 with "sudo iptables-save > /etc/iptables/rules.v4" &  "sudo ip6tables-save > /etc/iptables/rules.v6", which will be later used by iptables-persistent at each Linux startup.
  However, any change done in Gufw is subsequently lost unless a manual call to save all the rules is made each time.

  So I propose 2 options to enhance Gufw:
  * include in Gufw settings the possibility to define the path to iptables-persistent configuration, so that each time the user changes a rule in Gufw, it is saved there, otherwise it will be lost,
  * or enhance Gufw with the possibility to use extensions such as Xtables-addons, which would prevent us from having to manipulate the iptables & install iptables-persistent package.

  Your call...

To manage notifications about this bug go to:
https://bugs.launchpad.net/gui-ufw/+bug/1572973/+subscriptions

References

  Thread PreviousDate PreviousThread Next