Project

General

Profile

Bug #11061

CARP rules show up as "part" of the snort package in rules.debug

Added by Florian Apolloner 5 months ago. Updated 5 months ago.

Status:
Resolved
Priority:
Very Low
Category:
Rules / NAT
Target version:
Start date:
11/12/2020
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.4.x
Affected Architecture:
All
Release Notes:
Default

Description

This is only a cosmetic change, but it adds a header to the generated rules to separate it from the snort package. See https://github.com/pfsense/pfsense/pull/4486 for details.

History

#1 Updated by Renato Botelho 5 months ago

  • Category set to Rules / NAT
  • Status changed from New to Feedback
  • Assignee set to Renato Botelho
  • Target version set to 2.5.0

PR has been merged. Thanks!

#2 Updated by Florian Apolloner 5 months ago

Thank you very much.

#3 Updated by Danilo Zrenjanin 5 months ago

  • Status changed from Feedback to Resolved

Tested on:

2.5.0-DEVELOPMENT (amd64)
built on Sat Nov 21 01:03:32 EST 2020
FreeBSD 12.2-STABLE

Indeed it looks better now:

# Snort package
block log quick from <snort2c> to any tracker 1000000118 label "Block snort2c hosts" 
block log quick from any to <snort2c> tracker 1000000119 label "Block snort2c hosts" 

# CARP rules
block in log quick proto carp from (self) to any tracker 1000000201
pass  quick proto carp tracker 1000000202 no state

Ticket resolved.

Also available in: Atom PDF