touch-packages team mailing list archive

Thread
Date
[Bug 1155292] Re: ufw manpage bug (some usage missing), suggested improvements to -help

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Jamie Strandboge <jamie@xxxxxxxxxx>
Date: Fri, 17 Jul 2015 15:25:15 -0000
Reply-to: Bug 1155292 <1155292@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
** Changed in: ufw (Ubuntu)
       Status: Confirmed => In Progress

** Changed in: ufw (Ubuntu)
   Importance: Undecided => Low

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1155292

Title:
  ufw manpage bug (some usage missing), suggested improvements to -help

Status in ufw package in Ubuntu:
  In Progress

Bug description:
  the ufw manpage USAGE summary (top of manpage) does not list the
  syntax for adding app profiles to your firewall.

  USAGE
         ufw [--dry-run] enable|disable|reload

         ufw [--dry-run] default allow|deny|reject [incoming|outgoing]

         ufw [--dry-run] logging on|off|LEVEL

         ufw [--dry-run] reset

         ufw [--dry-run] status [verbose|numbered]

         ufw [--dry-run] show REPORT

         ufw [--dry-run] [delete] [insert NUM] allow|deny|reject|limit
  [in|out] [log|log-all] PORT[/protocol]

         ufw  [--dry-run] [delete] [insert NUM] allow|deny|reject|limit [in|out on INTERFACE] [log|log-all] [proto protocol] [from ADDRESS [port PORT]] [to
         ADDRESS [port PORT]]

         ufw [--dry-run] delete NUM

         ufw [--dry-run] app list|info|default|update


  
  I'd suggest something like:

         ufw [--dry-run] [delete] [insert NUM] allow|deny|reject|limit
  [in|out] [log|log-all] [ PORT[/protocol] | AppProfileName ]

  ...assuming that all the potential arguments are valid when you use an
  application profile name.

  Additionally, the ufw --help text doesn't really explain this either.
  ----
  # ufw help

  Usage: ufw COMMAND

  Commands:
   enable                          enables the firewall
   disable                         disables the firewall
   default ARG                     set default policy
   logging LEVEL                   set logging to LEVEL
   allow ARGS                      add allow rule
   deny ARGS                       add deny rule
   reject ARGS                     add reject rule
   limit ARGS                      add limit rule
   delete RULE|NUM                 delete RULE
   insert NUM RULE                 insert RULE at NUM
   reset                           reset firewall
   status                          show firewall status
   status numbered                 show firewall status as numbered list of RULES
   status verbose                  show verbose firewall status
   show ARG                        show firewall report
   version                         display version information

  Application profile commands:
   app list                        list application profiles
   app info PROFILE                show information on PROFILE
   app update PROFILE              update PROFILE
   app default ARG                 set default application policy
  ----

  I'd suggest changing:

  allow ARGS|AppProfile      add allow rule or enable an application
  profile

  ...and presumably something similar for "deny."  You might alternately
  put something like this in the Application Profile commands section:

  Application profile commands:
   app list                        list application profiles
   app info PROFILE                show information on PROFILE
   app update PROFILE              update PROFILE
   app default ARG                 set default application policy
   allow PROFILE            add allow rules defined in PROFILE

  thanks!

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1155292/+subscriptions