-
Notifications
You must be signed in to change notification settings - Fork 134
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
new: Add interactive firewall rule editor plugin #294
Merged
Merged
Commits on Mar 31, 2022
-
Proposal: Interactive firewall rule editor
This relates to #293 After discussing with the firewall team, it seems like automated inserting of individual firewall rules isn't a great idea; the rules are applied immediately as changes are made, and since these rules are applied in order, with the first matching rule being acted on, it's easy to accidentally set up an insecure configuration. To make matters worse, there is no good way to identify a single rule from the response; labels are not required and don't have to be unique, and no other reasonable choice for an identifier is present. As such, automated systems that manage firewall rules should, for that reason, regenerate the entire ruleset for each update; for applications that want to modify the existing rules, they should follow a fetch-update-publish model. This PR is an attempt at the latter for the CLI; a plugin that allows interactive editing of firewall rules. This is by no means perfect - there are still several TODOs in the code, and it could generally be cleaner - but it should serve as an example of what we might want.o The interface looks this like: ``` Firewall: example Status: enabled Inbound Policy: DROP Outbound Policy: DROP Inbound Rules: ind | label | protocol | action | ports | addresses -----+-------+----------+--------+-------+------------------- 0 | | TCP | ACCEPT | 80 | 192.168.12.34/32 1 | | TCP | ACCEPT | | 12.34.56.0/24 Outbound Rules: ind | label | protocol | action | ports | addresses -----+-------+----------+--------+-------+--------------- 2 | test | UDP | ACCEPT | | 12.34.56.0/24 Global: Toggle [I]nbound or [O]utbound Policy Rules: [A]dd, [R]emove, or [S]wap [W]rtie settings or [Q]uit Saving.. Rules updated successfully! ``` Feedback appreciated
Configuration menu - View commit details
-
Copy full SHA for 91ace48 - Browse repository at this point
Copy the full SHA 91ace48View commit details
Commits on Nov 18, 2022
-
Merge branch 'master' of github.com:linode/linode-cli into feature/in…
…teractive-firewall-plugin
Configuration menu - View commit details
-
Copy full SHA for 7e94b7c - Browse repository at this point
Copy the full SHA 7e94b7cView commit details
Commits on Nov 21, 2022
-
Configuration menu - View commit details
-
Copy full SHA for 1fb230a - Browse repository at this point
Copy the full SHA 1fb230aView commit details -
Configuration menu - View commit details
-
Copy full SHA for 341fe1b - Browse repository at this point
Copy the full SHA 341fe1bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 0cada6a - Browse repository at this point
Copy the full SHA 0cada6aView commit details -
Configuration menu - View commit details
-
Copy full SHA for 3c9c530 - Browse repository at this point
Copy the full SHA 3c9c530View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2d24a03 - Browse repository at this point
Copy the full SHA 2d24a03View commit details
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.