New Member
Posts: 20
Registered: ‎07-18-2018
Kudos: 1

Bug in firewall code

Hello developers,

 

AirCube-ISP @ v2.4.0, firewall:

 

config rule wan_discovery - specifying 'all' in proto gives you wrong effect in my believes. You may want to have tcpudp there instead.

Since 'all' in fact does permit ALL traffic from any to any and stops processing further rules down the chain.

Ubiquiti Employee
Posts: 11,334
Registered: ‎04-14-2017
Kudos: 2103
Solutions: 325

Re: Bug in firewall code

@UBNT-Kaleda can you comment on this one?
Ubiquiti Employee
Posts: 160
Registered: ‎02-15-2008
Kudos: 141
Solutions: 8

Re: Bug in firewall code

This affects only UBNT discovery protocol port, not all ports.

New Member
Posts: 20
Registered: ‎07-18-2018
Kudos: 1

Re: Bug in firewall code

Are you 100% sure about this? Because to me it looks like in the end result it leave router's INPUT chain totally unprotected (allows all traffic to all ports)

Veteran Member
Posts: 4,579
Registered: ‎05-19-2009
Kudos: 828
Solutions: 23

Re: Bug in firewall code

[ Edited ]

If you download port authority Android app and run a port scan that should let you know