Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

We need a means to add firewall rules

Description

Please see https://jira.ixsystems.com/browse/NAS-105060 and several forum threads from other True/FreeNAS users seeking this feature.

With TrueNAS becoming more widely used in production environments and and private users wishing to access their personal cloud over the web, sometimes uninvited guests will try to bombard the server with unwanted traffic.

It is becoming essentially to allow for setting the firewall. It wouldn't be so bad if the ipfw command and all settings to persisted after reboot, but it doesn't, so we need a UI to add persistent rules to it now.

The previous ticket was closed as needing more interest, but it has interest from a fair amount of users, and now I'm adding myself to the list.

A feature like this is becoming more and more necessary in our times as cybersecurity becomes more and more of an issue.

SmartDraw Connector

Katalon Manual Tests (BETA)

Activity

Kris Moore 
April 8, 2024 at 1:12 PM

We took a further look at this. We don’t have a good path forward on this request, not without horribly complicating the product and possibly causing a whole new class of foot-shooting in the process. We do have some alternative ideas on how to make network management better that will compliment this original request.

Marion Z. 
April 25, 2023 at 5:37 AM

It’ll be great to have a firewall as IPv6 adopts. I think just a simple IPFW service implement is quite enough.

NK 
October 12, 2022 at 8:41 PM

Why all the negativity? I support this. The ufw is a “good enough” firewall for millions of linux devs, a nice interface would help, even if its just for internal use.

stephen c 
August 1, 2021 at 6:13 PM

I have 2 massive storage arrays set up for several research groups. I am using Truenas because it's EXTREMELY versatile, plays nice with active directory for authentication as well as runs on older racked servers letting me breathe new life into older equipment. I run these on a campus with over 45,000 users. Despite having enterprise perimeter firewalls, keeping services/GUI of these servers filtered to only allow specific systems or subnets would be GREAT. Even inexpensive entry level single-drive bay synology nas boxes have some form of a CAL (client access list aka basic firewall) baked into their GUI. My argument to justify Truenas to the security team is always questioned by this missing feature.

I've been using Freenas at home and in my private practice with clients for over 10 years and I LOVE it. I am grateful that this great resource is kept free and openly available to users like me.

 A firewall config option being added would definitely get Truenas more attention in the enterprise sector running on limited budgets. 

Fabrizio Sidoli 
April 23, 2021 at 5:52 AM

, I've voted.

, I fail to see why so many people, including you, are against this option. I haven't seen a convincing argument against having this, although if you have one I'd love to hear it as I'm all for being persuaded I've been doing something wrong all these years.

All unix boxes and all unix admins will be used to setting up a firewall. It's as simple as that. It's good practice. I work in an organisation with ~250,000 people. Yes, there's an institutional FW protecting us from the outside world, but hell no if I'm going to trust ~249,999 other people internal to that FW.

If TrueNAS want to really appeal to the enterprise I think it needs to get on board with the idea that a FW is something unix sys admins like and are accustomed to setting up. It's the final set up process for any unix box I set up (and not because it's the least important, far from it). For me it's a no brainer and an obvious gaping hole that makes me say, wow, this is great.

Accepted

Details

Priority

Assignee

Reporter

Labels

Impact

Affects versions

More fields

Katalon Platform

Created April 20, 2021 at 1:37 PM
Updated April 8, 2024 at 1:12 PM
Resolved January 6, 2022 at 2:45 PM