12062 – suricata: Create an AND connection between the zone checkboxes

Bug 12062 - suricata: Create an AND connection between the zone checkboxes

Summary: suricata: Create an AND connection between the zone checkboxes

Status:	CLOSED FIXED

Alias:	None

Product:	IPFire
Classification:	Unclassified
Component:	--- (show other bugs)
Version:	2
Hardware:	unspecified Unspecified

Importance:	Will affect all users Major Usability
Assignee:	Stefan Schantl
QA Contact:

URL:
Keywords:

Depends on:
Blocks:	SURICATA
	Show dependency tree / graph

Reported:	2019-04-23 21:05 UTC by Michael Tremer
Modified:	2019-05-20 18:47 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Michael Tremer 2019-04-23 21:05:34 UTC

When on the UI, we select one network zone, all traffic is being scanned on that zone. That means creating a scenario where RED and ORANGE is scanned, but RED and GREEN is not is unintuitive because only ORANGE needs to be checked. This is an OR connection.

An AND connection would be better so that traffic between two zones is only scanned when BOTH are checked. I would expect that.

Comment 1 Stefan Schantl 2019-04-25 18:33:16 UTC

Patchset has been sent to the development mailing list.

https://patchwork.ipfire.org/patch/2213/
https://patchwork.ipfire.org/patch/2214/
https://patchwork.ipfire.org/patch/2215/