Security Audit Improvements
- DMZ network handling - DMZ networks now correctly report external DNS configuration as informational rather than flagging it as a security issue, since DMZ networks are intentionally isolated from the gateway
- External DNS bypass detection - Networks configured to use external public DNS (like Cloudflare or Google DNS) that bypass local DNS filtering are now detected and reported
- VLAN isolation exception visibility - Firewall rules that create exceptions to VLAN isolation are now clearly displayed with "Source → Destination" format for easier identification
Bug Fixes
- Fixed false positives - App-based firewall rules (like HTTP/HTTPS) are no longer incorrectly flagged as overlapping with unrelated rules
- Improved rule detection - Firewall rules using IP/CIDR source matching are now properly detected for isolation and internet access checks
- IPv6 fix - Fixed a bug in IPv6 CIDR subnet matching
⚠️ Feedback Welcome - This release includes significant changes to Security Audit issue detection. If you notice any incorrect findings or false positives, please report them at: #148