E.g.
When creating a Network rule via the UI, it creates the following rule:
ufw allow from 10.131.34.164 to any port 3306 proto tcp comment 'joshua'
When we edit the rule, it creates another one the old way, without the protocol:
ufw allow from 10.131.34.164 to any port 3306 comment 'mysql-joshua'
When deleting the rule, it deletes the original one while the one without protocol and updated comment is left behind.
I have updated the description.
Update: I have edited an existing rule and it created the duplicate rule due to the bug. However, this time when I deleted the rule from the UI, both rules remained in place on the server (logs say: "Could not delete non-existent rule").
This has security implications in both cases: when editing to update an IP and creating the unintended duplicate, as well as when deleting the rule, as it doesn't.
This goes hand in hand with https://roadmap.ploi.io/projects/7-bugs/items/1038-add-web-worker-ip-to-the-ufw-rules-when-updating-default-network-ssh-rule
This is still an issue and makes everything we see in Server > Network unreliable and presents a risk. In fact it is a mess... :(
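An added example, not part of the original report or of Ploi's code: a Python audit over rules written in the `ufw allow from ... to any port ...` form quoted above (assumed here to be what `ufw show added` prints on the server). It flags protocol-less rules that sit beside a protocol-specific rule for the same source and port, and rules the panel does not list; `PANEL_RULES` and the idea of a panel listing in this format are hypothetical.

```python
import shlex
from collections import defaultdict

# Constructed sample: the two rules quoted in the report plus one unrelated rule.
SERVER_RULES = """\
ufw allow from 10.131.34.164 to any port 3306 proto tcp comment 'joshua'
ufw allow from 10.131.34.164 to any port 3306 comment 'mysql-joshua'
ufw allow from 10.131.34.200 to any port 22 proto tcp comment 'admin'
"""
# Constructed and hypothetical: the rules the panel believes are configured.
PANEL_RULES = """\
ufw allow from 10.131.34.164 to any port 3306 proto tcp comment 'mysql-joshua'
ufw allow from 10.131.34.200 to any port 22 proto tcp comment 'admin'
"""

def parse_rules(text):
    """Parse 'ufw ACTION from SRC to any port PORT [proto P] [comment C]' lines."""
    rules = []
    for line in text.splitlines():
        tok = shlex.split(line)  # assumes comments are quoted as in the report
        if len(tok) < 4 or tok[0] != "ufw" or tok[1] not in ("allow", "deny", "reject", "limit"):
            continue  # header lines and anything that is not a rule
        rule = {"action": tok[1], "from": "any", "port": None, "proto": None, "comment": ""}
        # After the action, this rule form is a run of keyword/value pairs.
        for keyword, value in zip(tok[2::2], tok[3::2]):
            if keyword in ("from", "port", "proto", "comment"):
                rule[keyword] = value
        if rule["port"]:
            rules.append(rule)
    return rules

def shadow_rules(text):
    """Protocol-less rules beside a protocol-specific rule for the same action, source, port."""
    groups = defaultdict(list)
    for r in parse_rules(text):
        groups[(r["action"], r["from"], r["port"])].append(r)
    return [r for g in groups.values() if any(x["proto"] for x in g)
            for r in g if r["proto"] is None]

def drift(server_text, panel_text):
    """Server rules with no (action, source, port, proto) match in the panel list."""
    ident = lambda r: (r["action"], r["from"], r["port"], r["proto"])
    panel = {ident(r) for r in parse_rules(panel_text)}
    return [r for r in parse_rules(server_text) if ident(r) not in panel]

if __name__ == "__main__":
    print("shadow:", shadow_rules(SERVER_RULES))
    print("not in panel:", drift(SERVER_RULES, PANEL_RULES))
```

A rule without `proto` matches both TCP and UDP, so the leftover rule is broader than the one the panel created as well as being invisible to it.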
Dennis moved item to board Planned, 2 years ago
Cristian Balan moved item to project Bugs, 2 years ago
Cristian Balan created the item, 2 years ago