Project

General

Profile

Actions

Regression #12287

closed

State table entry rule ID does not contain the expected value

Added by Jim Pingle over 3 years ago. Updated about 3 years ago.

Status:
Resolved
Priority:
Very High
Category:
Rules / NAT
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
22.01
Release Notes:
Force Exclusion
Affected Version:
2.6.0
Affected Architecture:

Description

On snapshots the rule number in the state table data does not contain the expected value

all tcp 198.51.100.104:443 <- 198.51.100.142:43958       FIN_WAIT_2:FIN_WAIT_2
   [2501411308 + 2147156224] wscale 7  [2163627184 + 4278255872] wscale 7
   age 750314:22:56, expires in 00:00:00, 36:45 pkts, 4179:19880 bytes, rule 1744830464
   id: 1caa1f6100000002 creatorid: be86b95f gateway: 198.51.100.1
   origif: vtnet0
: pfctl -vvsr | egrep 1744830464
:

It should show the rule number from this entry:

\@104(1617118076) pass in quick on vtnet0 reply-to (vtnet0 198.51.100.1) inet from <RemoteAdmin:0> to (self:1) flags S/SA keep state label "USER_RULE: Allow Remote Admin to this firewall (permissive)" 

It behaves as expected on the current release, but is broken on snapshots.

Actions

Also available in: Atom PDF