Firewall

Disable ipv6 bind for daemons

we should disable ipv6 bind for daemons because we don't support ipv6 in eBox yet but a box could get an ipv6 address by its autoconf mechanism opening a way to access services expected to be protected by ipv4 netfilter rules.

Make filter policies in objects compatible with time period restrictions

Add support for all the protocols available in /etc/protocols

This would also affect multigateway rules and traffic shaping.

Firewall redirections log

MAC filter

Adding MAC filter support, as described in this forum topic:  http://forum.ebox-platform.com/index.php?topic=1439.0

Show firewall entries depending on configuration

If eBox is not acting as gateway, just show Internal to eBox and eBox to Internet

ID for rules

When there are a lot of rules the sorting is difficult, it would be nice to add the ability of inserting a rule before or after another. Forum suggestion:  http://forum.ebox-platform.com/index.php?topic=2143.msg9101#msg9101

NAT loopback or reflection

The full explanation is done at:  http://forum.ebox-platform.com/index.php?action=post;topic=2205.0

Add native support to DMZ

Current implementation of ebox-firewall let users create manually a DMZ. But users want an automatic rule creation for a DMZ.

Blocklist management

Suggestion from:  http://forum.ebox-platform.com/index.php?topic=3032.0;topicseen