Awall silently ignores wrong attributes in policy files
Unknown attributes in policy files are ignored, which may lead to
unexpected iptables configuration.
E.g.:
"filter":
[
{
"family": "inet",
"proto": "tcp",
"port": 22,
"action": "accept"
}
]
Will translate without warning, but will allow all traffic (which is probably not what was intended), because only the action is translated, and the expected service is not present.
Maybe at least a warning could be generated if a known attribute is used
at a wrong place like in the above example.
Ideally, anything unexpected should be reported.
(from redmine: issue id 9640, created on 2018-11-12)