Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add objects support in MultiWAN rules #671

Closed
Tbaile opened this issue Jul 24, 2024 · 4 comments
Closed

Add objects support in MultiWAN rules #671

Tbaile opened this issue Jul 24, 2024 · 4 comments
Assignees
@gsanchietti
Labels
verified All test cases were verified successfully
Milestone
NethSecurity 8.2

Comments

@Tbaile
Copy link
Contributor

Tbaile commented Jul 24, 2024
edited by gsanchietti
Loading

Ad objects support in MultiWAN UI (rules section).
These are the fields we should cover with objects:

  • src addr (accepts only one IP/CIDR)
  • dest addr (accepts only one IP/CIDR)

Refs:

QA

Case 1:

  • Create a MWAN using no objects, ensure creation is successfull and edit is possible.

Case 2:

  • Ensure it's not possible to use a domain set as source or destination

Case 3:

  • Create a MWAN using a HostSet with a single ip, ensure it's possible to add the HostSet to both source and destination, then try to edit and ensure it's successfull

Case 4:

  • Try to create a MWAN with a multi ip HostSet, ensure that is not possible.

Case 5:

  • Create an host set with an IPv6
  • Make sure it's not possible to create a rule with such host set
@Tbaile Tbaile self-assigned this Jul 24, 2024
@Tbaile Tbaile converted this from a draft issue Jul 24, 2024
This was referenced Jul 24, 2024
Merged
Merged
@gsanchietti gsanchietti added this to the NethSecurity 8.2 milestone Jul 29, 2024
@Tbaile Tbaile mentioned this issue Jul 29, 2024
Merged
@gsanchietti gsanchietti mentioned this issue Jul 31, 2024
Merged
@Tbaile Tbaile added the testing Packages are available from testing repositories label Aug 5, 2024
@Tbaile
Copy link
Contributor Author

Tbaile commented Aug 5, 2024
edited
Loading

Testing image: 23.05.4-ns.1.1.99-alpha1-38-gd0241334

@Tbaile Tbaile added testing Packages are available from testing repositories and removed testing Packages are available from testing repositories labels Aug 5, 2024
@gsanchietti gsanchietti self-assigned this Aug 5, 2024
@gsanchietti
Copy link
Member

gsanchietti commented Aug 6, 2024
edited
Loading

Failed test cases:

  1. Form not cleared when a new rule is added after another one: The form retains previous inputs when adding a new rule immediately after saving another one.

  2. Selection checkbox is different from rules inside the rules page: The selection checkbox does not match the rules listed on the rules page.

  3. IPv6 objects should not be supported: IPv6 objects are being supported when they should not be.

  4. Rule not created when using any object as destination (mwan3): MWAN3 does not create a rule when any object is used as a destination.

    config rule 'ns_r7'
  option label 'r7'
  option use_policy 'ns_default'
  option sticky '0'
  option proto 'udp'
  option ns_src 'dhcp/ns_6930f270'
  option ns_dst 'objects/ns_8703278a'
  option src_ip '1.2.3.4'
  option ipset 'None dst'

  5. No domain set as destination: domain sets are converted to ipset, so they can't be used as destination, see official doc

@gsanchietti gsanchietti removed the testing Packages are available from testing repositories label Aug 6, 2024
This was referenced Aug 6, 2024
Merged
Merged
Merged
gsanchietti added a commit that referenced this issue Aug 7, 2024
@gsanchietti
Merge pull request #712 from NethServer/issue671
bb5b6dd 
mwan: remove unsupported objects

Issue #671
gsanchietti added a commit to NethServer/nethsecurity-ui that referenced this issue Aug 7, 2024
@gsanchietti
Merge pull request #333 from NethServer/issue671
d6a90ce 
Improve mwan rule form

NethServer/nethsecurity#671
gsanchietti pushed a commit that referenced this issue Aug 7, 2024
@github-actions
build(deps): ns-ui package: update ns-ui package (automated) (#713)
1b17b66 
Co-authored-by: gsanchietti <gsanchietti@users.noreply.github.com>

#671
@gsanchietti
Copy link
Member

Testing image: https://github.com/NethServer/nethsecurity/actions/runs/10279723774/artifacts/1784490295

@gsanchietti gsanchietti added the testing Packages are available from testing repositories label Aug 7, 2024
@gsanchietti
Copy link
Member

All test cases are now verified.
Still, I've found the user can create a rule with the same object as source and destination. The same thing is not possible within the firewall rule page.

@gsanchietti gsanchietti added verified All test cases were verified successfully and removed testing Packages are available from testing repositories labels Aug 7, 2024
@Tbaile Tbaile mentioned this issue Aug 7, 2024
Merged
@github-project-automation github-project-automation bot moved this from In progress 🛠 to Done ✅ in NethSecurity Aug 7, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gsanchietti gsanchietti

Labels
verified All test cases were verified successfully
Projects
NethSecurity
Archived in project
Milestone
NethSecurity 8.2
Development

No branches or pull requests
2 participants
@gsanchietti @Tbaile