0022841: Change firewall to isolate all LAN's/VLAN's from each other

ClearFoundation Tracker - ClearOS
View Issue Details

ID	Project	Category	View Status	Date Submitted	Last Update
0022841	ClearOS	app-network - Network Settings	public	2019-02-18 09:45	2019-02-23 19:58

Reporter	NickH
Assigned To	dloper
Priority	normal	Severity	feature	Reproducibility	always
Status	closed	Resolution	suspended
Platform		OS		OS Version
Product Version	7.5.0 Updates
Target Version	8.0.0 Beta 1	Fixed in Version

Summary	0022841: Change firewall to isolate all LAN's/VLAN's from each other
Description	Currently all interfaces designated as LAN can talk to any other LAN or HotLAN subnet. In some ways this is a strange behaviour as VLAN's are often used to segregate traffic and provide privacy on each LAN. We can: 1 - Change the default firewall so that LAN interfaces can no longer talk to each other. This should include HotLANs, as again, the default behaviour is to allow any LAN to talk to a HotLAN but not vice-versa. 2 - Add an webconfig screen to allow interfaces to talk to each other. It only needs to be one-way as the default RELATED,ESTABLISHED rule would allow traffic back. This would avoid having to create Custom Firewall rules. 3 - Optionally allow the rule to to be bidirectional so if LAN-A can talk to LAN-B, then LAN-B can talk to LAN-A. This is the same as selecting two allows from 2) above.
Steps To Reproduce
Additional Information
Tags	No tags attached.
Relationships
Attached Files

Issue History
Date Modified	Username	Field	Change
2019-02-18 09:45	NickH	New Issue
2019-02-18 09:45	NickH	Status	new => assigned
2019-02-18 09:45	NickH	Assigned To	=> dloper
2019-02-23 19:58	dloper	Note Added: 0009951
2019-02-23 19:58	dloper	Status	assigned => closed
2019-02-23 19:58	dloper	Resolution	open => suspended

Notes