Actions
Regression #12040
closed
Scheduled firewall rules failing to load
Start date:
06/15/2021
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
Release Notes:
Force Exclusion
Affected Version:
2.5.x
Affected Architecture:
All
Description
In 2.5.2-RC firewall rules with a schedule fail to load generating an error.
Tested using this config:
<rule>
<id></id>
<tracker>1623761655</tracker>
<type>reject</type>
<interface>lan</interface>
<ipprotocol>inet</ipprotocol>
<tag></tag>
<tagged></tagged>
<max></max>
<max-src-nodes></max-src-nodes>
<max-src-conn></max-src-conn>
<max-src-states></max-src-states>
<statetimeout></statetimeout>
<statetype><![CDATA[keep state]]></statetype>
<os></os>
<protocol>tcp</protocol>
<source>
<any></any>
</source>
<destination>
<address>1.1.1.1</address>
</destination>
<descr><![CDATA[Test Schedule]]></descr>
<sched>9to5</sched>
<created>
<time>1623761655</time>
<username><![CDATA[admin@172.21.16.5 (Local Database)]]></username>
</created>
<updated>
<time>1623761670</time>
<username><![CDATA[admin@172.21.16.5 (Local Database)]]></username>
</updated>
</rule>
And schedule:
<schedules>
<schedule>
<name>9to5</name>
<descr></descr>
<timerange>
<position>1,2,3,4,5</position>
<hour>9:00-17:00</hour>
<rangedescr></rangedescr>
</timerange>
<schedlabel>60c8a2cf2b439</schedlabel>
</schedule>
</schedules>
Generates this rule:
block return in quick on $LAN inet proto tcp from any to 1.1.1.1 tracker 1623761655 flags S/SA schedule "60c8a2cf2b439" label "USER_RULE: Test Schedule"
Fails to load generating this error:
There were error(s) loading the rules: /tmp/rules.debug:146: syntax error - The line in question reads [146]: block return in quick on $LAN inet proto tcp from any to 1.1.1.1 tracker 1623761655 flags S/SA schedule "60c8a2cf2b439" label "USER_RULE: Test Schedule"
Tested:
2.5.2-RC (amd64) built on Sun Jun 13 17:15:05 EDT 2021 FreeBSD 12.2-STABLE
Updated by 
Updated by Viktor Gurov
Actions