Dropbear: Enable SSH from WAN firewall rule #7138
Closed
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
A draft implementation of an easy way to enable the Allow SSH from WAN rule from UI.
The whole idea is to make a Luci GUI wizard to enable WAN access #7137
The key idea is to have a firewall rule pre-defined and the GUI should only enable it.
This is a simplest implementation. It will work only for 22 port.
We may extend it later but it already covers the typical usage.
What is missing: we should show precautions for a users that this is not safe at all.
And same for the uhttpd:
Here it may be not enough to just open an access. A user may want to switch IP address of uhttpd. Additionally the rfc1918 filter should be disabled. So I copied them from luci-app-uhttpd.
This needs somehow to be managed in graceful way.