Include rulseset in firewall
Closed, ResolvedPublicFEATURE REQUEST
Actions

Assigned To

Authored By

	mb300sd
	Aug 2 2018, 4:33 AM

Description

It would be nice to be able to include another rule set in the firewall.

For example, I have a lot of zones that have the basic allow established/related, drop invalid, allow a few icmp types, and allow dns, plus 1 or 2 other rules. It would remove a ton of duplication in the config if it was possible to have an include directive.

Details

Version: -
Is it a breaking change?: Unspecified (possibly destroys the router)

Event Timeline

mb300sd created this task.Aug 2 2018, 4:33 AM

syncer triaged this task as Wishlist priority.Sep 1 2018, 3:00 PM

pasik subscribed.Oct 1 2018, 9:51 AM

syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc4); removed VyOS 1.2 Crux.Oct 13 2018, 10:09 AM

syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc5); removed VyOS 1.2 Crux (VyOS 1.2.0-rc4).Oct 24 2018, 4:39 PM

syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc6); removed VyOS 1.2 Crux (VyOS 1.2.0-rc5).Oct 29 2018, 6:16 PM

This would be best done along with firewall scripts rewrite.

efficiosoft subscribed.Sep 14 2019, 11:19 AM

I'm very interested in this as well. Especially when you do lots of filtering based on ipsets that contain adresses from multiple zones, inclusion can save you a lot of redundancy.

Most likely this should be done (after firewall rewrite) as jump statements.

dmbaturin edited projects, added VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus.Jul 29 2021, 1:08 PM

eronlloyd subscribed.Aug 1 2021, 9:07 PM

penetal subscribed.Sep 5 2021, 5:56 PM

tioan subscribed.Oct 30 2022, 11:16 PM

aga subscribed.Jun 9 2023, 5:28 PM

Jump action is available in 1.4
Then, I'm setting this task as resolved

Include rulseset in firewallClosed, ResolvedPublicFEATURE REQUESTActions

Description

Details

Event Timeline

Include rulseset in firewall
Closed, ResolvedPublicFEATURE REQUEST
Actions