luci-mod-firewall: Expand on naming of forwarding rule inside the zone #6537
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Marked as draft because I haven't tested this... Also I'm not too happy with the new name for the entry, better suggestions are welcome! Maybe it would make more sense to rename the global option to "Forwarding between zones" and this one to "Forwarding within zone"? |
|
Intra and Inter have worked fine for aeons. Please rebase your changes onto current master. |
|
Please spell it |
jonas2515
force-pushed
the
better-explain-forwarding-rule
branch
from
fe78038 to
825595a
Compare
|
Thanks for the reviews, rebased and renamed to "Intra zone forward". |
jonas2515
changed the title
systemcrash
force-pushed
the
better-explain-forwarding-rule
branch
from
825595a to
d38edeb
Compare
|
@jonas2515 Please fix your signed-off-by in the commit. |
jonas2515
force-pushed
the
better-explain-forwarding-rule
branch
from
d38edeb to
7dd50c4
Compare
|
Ah sure, added the signed-off-by! |
Apparently the "Forward" entry of the individual firewall zones controls forwarding within the zone (between the individual interfaces) only, and not the forwarding of packets from the zone to other zones. This is quite confusing, as the meaning is different from the global "Forward" option above, which does control forwarding between zones. Quote from user jow on the forum: > The per-zone forward controls forwarding traffic among the ifaces of this > zone. Traffic from/to other zones is handled by the global forward policy, > or individual forwardings or rules. See https://forum.openwrt.org/t/likely-bug-in-openwrt-firewall-rule-generation/18152 Let's try to be a bit more concise with the naming here and rename this entry to "Intra zone forward", which hopefully makes the difference clear. Signed-off-by: Jonas Dreßler <verdre@v0yd.nl>
systemcrash
force-pushed
the
better-explain-forwarding-rule
branch
from
7dd50c4 to
785da07
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Apparently the "Forward" entry of the individual firewall zones controls forwarding within the zone (between the individual interfaces) only, and not the forwarding of packets from the zone to other zones. This is quite confusing, as the meaning is different from the global "Forward" option above, which does control forwarding between zones.
Quote from user jow on the forum:
See https://forum.openwrt.org/t/likely-bug-in-openwrt-firewall-rule-generation/18152
Let's try to be a bit more concise with the naming here and rename this entry to "Intra-Zone Forward", which hopefully makes the difference clear.