margarita
UFW State Improvements
I threw together the `ufw` states and they can be much better. First, they should be broken into the underlying modules and the states themselves. Also, they could do a better job checking if the command is necessary before calling it. For instance, we don't need to call `ufw enable` if `ufw status` already shows it is active.
I'm looking for ways to maybe simplify this a little:
- Do we ever need to deal with UDP? Or could we just make everything assume TCP?
- Do we ever need to delete a rule? Would it be enough if we could just change 'allow' to 'deny' if need be?
- Do we ever need to write a state to say that ufw should not be enabled? That's the default after install anyway.
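
The check proposed above (skip `ufw enable` when `ufw status` already reports active), written as a Salt-style state function. This is an added example, not code from the margarita repository; `is_active`, `enabled`, `fake_ufw` and the `run` parameter are hypothetical names, and it assumes the English `Status: active` / `Status: inactive` line that `ufw status` prints.

```python
import subprocess

def _run(args):
    """Run a command on the real system and return its stdout."""
    return subprocess.run(args, capture_output=True, text=True, check=True).stdout

def is_active(status_output):
    """True if `ufw status` output reports the firewall as active."""
    for line in status_output.splitlines():
        key, _, value = line.partition(":")
        if key.strip().lower() == "status":
            return value.strip().lower() == "active"
    return False  # no Status line: treat as not active

def enabled(name, run=_run, test=False):
    """Enable ufw only when `ufw status` says it is not already active."""
    ret = {"name": name, "changes": {}, "result": True, "comment": ""}
    if is_active(run(["ufw", "status"])):
        ret["comment"] = "ufw is already active"  # nothing to do, no changes
        return ret
    if test:  # dry run: report the pending change without making it
        ret["result"] = None
        ret["comment"] = "ufw would be enabled"
        return ret
    run(["ufw", "--force", "enable"])  # --force skips the interactive prompt
    if is_active(run(["ufw", "status"])):  # verify rather than trust the call
        ret["changes"] = {"ufw": {"old": "inactive", "new": "active"}}
        ret["comment"] = "ufw was enabled"
    else:
        ret["result"] = False
        ret["comment"] = "ufw enable ran but status is still not active"
    return ret

def fake_ufw(active):
    """Constructed stand-in for the ufw CLI so the example runs offline."""
    state = {"active": active, "calls": []}
    def run(args):
        state["calls"].append(args)
        if args[-1] == "enable":
            state["active"] = True
            return "Firewall is active and enabled on system startup\n"
        return "Status: active\n" if state["active"] else "Status: inactive\n"
    return run, state

if __name__ == "__main__":
    run, state = fake_ufw(active=True)
    print(enabled("ufw", run=run), state["calls"])
```

Splitting `is_active` out of `enabled` matches the module/state separation suggested above: the parser can live in the execution module and the state only decides whether to act.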