Try to design a check for misuage of "yunohost firewall allow"

[alexAubin]

Many apps do use this because they think "oh, that service I installed uses a port ... I should allow it in the firewall" whereas it's only for internal use ... Which is in fact a security issue (maybe not if being a NAT, but it is for a VPS)

Maybe use the --need-exposed-port of 3.8 ... Or maybe check for proxy_pass in the nginx conf ...

[alexAubin]

I believe it's done

[tituspijean]

Reopening this, since I have just seen the following warning in Jellyfin:

! Some message is talking about 'Configuring firewall' but there's no mention of 'yunohost firewall allow' ... If you're only finding an available port for internal reverse proxy, this has nothing to do with 'Configuring the firewall', so the message should be changed to avoid confusion...

In the use case of Jellyfin, we need to have port 1900 opened on the server for auto-discovery of the service on the local network, but not opened on the router to the Internet. Somewhat related to YunoHost/issues#2030