During the work with the firewall, I had the need to disable a rule of the same, and I had to eliminate it, for example during a test, and then recreate it, this wastes time, even if there was a state in the rules , for example, by default all the rules are active, but the system administrator can deactivate a certain firewall rule without having to eliminate it because it will be used later, this would be very useful.
maybe something like this:
to deactivate a firewall rule:
set firewall name WAN-LAN rule 1 state disable
to activate a firewall rule:
set firewall name WAN-LAN rule 1 state enable
the state parameter by default could be with the value “enable” by default, therefore it is not necessary to show it during the recoveries of firewall information, that is, only its value would be shown if it is “disable”.
Of course if I make a recovery of the operational state of the firewall, the rules with the state “disable” should not be shown, they will only be shown if a recovery of the configuration information is done.
If there is the possibility of recovering specific information from the firewall with something like this:
show firewall whereis "192.168.0.1"
As I showed in “Search for specific information in the firewall” of this section of the forum, the output could show that “192.168.0.1” is in a disabled rule.
Something like this:
Firewall Ruleset: Rule: State:
WAN-LAN 1 disable
Firewall group: Type:
Admin Address Groups