Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rule creation interface is hard to use #16

Open
kkofler opened this issue Jan 24, 2018 · 1 comment
Open

Rule creation interface is hard to use #16

kkofler opened this issue Jan 24, 2018 · 1 comment

Comments

@kkofler
Copy link
Contributor

@kkofler kkofler commented Jan 24, 2018

The original UFW-KDE had a "simple" mode (which was the default) and an "advanced" mode (easily enabled through a dropdown at the top). In the "simple" mode, only the destination port (for an incoming rule) was shown (with the possibility to pick an application profile instead of a port number, see also #15), all the other settings (source address, source port, destination address) were hidden and set to "any". In the "advanced" mode, everything was shown. Nomad Firewall currently only has the equivalent of the "advanced" mode.

The rationale there is (and I tend to agree with whomever came up with that design) that an inexperienced user will not know that the destination port is the only setting that really matters in nearly all cases and what to do with the other settings. The "simple" mode allows such users to just open up a port (or ideally an application profile, see #15) without knowing the technical details. And if you need to set everything, you can quickly switch to "advanced" mode.

I think Nomad Firewall would greatly benefit from having such a "simple" mode, or something equivalent (could also be, e.g., a separate "Add simple rule" or "Quickly add rule" button), available as well.

Of course, if you are editing a rule that uses advanced settings, it should automatically come up in "advanced" mode so that the non-default settings are clearly visible.

Somewhat related to this, the defaults when creating a new rule should probably be Incoming and Allow, at least if the firewall is set to default deny.


Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

@azubieta

This comment has been minimized.

Copy link
Member

@azubieta azubieta commented May 16, 2018

We will be dropping UFW as backend #21 but we are still going to address this issue using the data from /etc/services which provides a quite complete listing of the ports being used by the different services.

@azubieta azubieta removed their assignment May 8, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
3 participants
You can’t perform that action at this time.