OPNsense Forum

English Forums => Development and Code Review => Topic started by: DukeSniper on November 24, 2017, 12:36:23 pm

Title: Feature request: Protocol Definition
Post by: DukeSniper on November 24, 2017, 12:36:23 pm
EDIT: after some browsing of the forums, I found the GitHub tracker and opened the request there.

The current design only aliases Port Numbers to names. Designing a proper ruleset for protocols that utilize both UDP and TCP (on different ports) would require at least two rule definitions (one for the TCP rule, one for the UDP rule) and at least two Ports Alias definitions (one for the TCP ports, one for the UDP ports). Creating a proper "protocol" Alias (which contains both proto and port definitions) would simplify the ruleset.

Example:

Protocol foo uses TCP port 4711 and UDP port 1234. With the current architecture, there are the following definitions:

Port alias FOO_UDP -> 1234
Port alias FOO_TCP -> 4711
rule FOO_TCP -> uses Proto TCP and references Port alias FOO_TCP
rule FOO_UDP -> uses Proto UDP and references Port alias FOO_UDP

With my suggested design, there would only be one rule and one alias:

Proto Alias FOO -> TCP/4711, UDP/1234
rule Foo -> uses Proto alias FOO
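
Added example, not part of the original post and not OPNsense code: a sketch of how the proposed "Proto Alias" notation (`TCP/4711, UDP/1234`) could be parsed and expanded into one pf rule per protocol. The function names, the interface `em0` and the exact rule text are assumptions made for illustration.

```python
import re

# Protocols the hypothetical alias may carry (assumption: only port-based ones).
ALLOWED_PROTOS = ("tcp", "udp")
_ENTRY = re.compile(r"^([A-Za-z]+)/(\d+)$")


def parse_proto_alias(definition):
    """Parse 'TCP/4711, UDP/1234' into {'tcp': [4711], 'udp': [1234]}."""
    grouped = {}
    for raw in definition.split(","):
        entry = raw.strip()
        match = _ENTRY.match(entry)
        if not match:
            raise ValueError(f"malformed alias entry: {entry!r}")
        proto, port = match.group(1).lower(), int(match.group(2))
        if proto not in ALLOWED_PROTOS:
            raise ValueError(f"unsupported protocol in {entry!r}")
        if not 1 <= port <= 65535:
            raise ValueError(f"port out of range in {entry!r}")
        ports = grouped.setdefault(proto, [])
        if port not in ports:  # drop duplicates, keep first-seen order
            ports.append(port)
    return grouped


def expand_rule(action, interface, definition):
    """Expand one rule that references a proto alias into pf rule lines.

    pf matches ports per protocol, so the single alias-based rule still
    compiles to one line per protocol; the saving is in what the admin
    has to define and keep in sync.
    """
    rules = []
    for proto, ports in parse_proto_alias(definition).items():
        port_list = ", ".join(str(p) for p in ports)
        rules.append(
            f"{action} in quick on {interface} proto {proto} "
            f"from any to any port {{ {port_list} }}"
        )
    return rules


if __name__ == "__main__":
    # Constructed input: the FOO alias from the post, on an assumed interface.
    for line in expand_rule("pass", "em0", "TCP/4711, UDP/1234"):
        print(line)
```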