Bug #12356
closedValidation when deleting a VIP does not check if the VIP is used by IPsec phase 1 entries
100%
Description
It is possible to delete the Virtual IP that is used by IPsec PH1
see the result in the attached screenshot
Files
Updated by Viktor Gurov over 3 years ago
Updated by Jim Pingle over 3 years ago
- Status changed from New to Pull Request Review
- Assignee set to Viktor Gurov
- Target version set to CE-Next
- Plus Target Version set to 22.01
Updated by Viktor Gurov about 3 years ago
- Status changed from Pull Request Review to Feedback
- % Done changed from 0 to 100
Applied in changeset 42259176d0c0a4ca49099ef5cdbcbfdacdd64589.
Updated by Max Leighton about 3 years ago
I tested this in:
22.01-DEVELOPMENT (amd64)
built on Sat Oct 09 05:27:30 UTC 2021
FreeBSD 12.2-STABLE
And I can still delete VIPs that are used by IPsec and get the error shown in the screenshot.
Updated by Viktor Gurov about 3 years ago
Max Leighton wrote in #note-4:
I tested this in:
22.01-DEVELOPMENT (amd64)
built on Sat Oct 09 05:27:30 UTC 2021
FreeBSD 12.2-STABLEAnd I can still delete VIPs that are used by IPsec and get the error shown in the screenshot.
works as expected on 2.6.0.a.20211009.0500
try to upgrade to the latest snapshot
Updated by Max Leighton about 3 years ago
Yes, I tested again in the latest build of 2.6 and it works as expected.
2.6.0-DEVELOPMENT (amd64)
built on Sat Oct 09 05:20:31 UTC 2021
FreeBSD 12.2-STABLE
But it looks like it has not made it into 21.02 because it does not work in the latest build of 21.02.
Updated by Kris Phillips about 3 years ago
Can confirm this hasn't been merged into the Oct 9th build of pfSense Plus 22.01. We need to patch this in pfSense Plus as well as CE.
Updated by Danilo Zrenjanin about 3 years ago
I tested on the:
2.6.0-DEVELOPMENT (amd64) built on Sat Oct 16 05:24:35 UTC 2021 FreeBSD 12.2-STABLE
I can confirm it works. However, there is an unexpected error message. I opened a new bug report - https://redmine.pfsense.org/issues/12463
Updated by Danilo Zrenjanin about 3 years ago
- Status changed from Feedback to Resolved
Tested on the:
2.6.0-DEVELOPMENT (amd64) built on Fri Oct 22 05:26:55 UTC 2021 FreeBSD 12.3-PRERELEASE
The unexpected error message has been fixed through the Bug report #12442.
Everything works as expected now. Ticket resolved.
Updated by Jim Pingle about 3 years ago
- Target version changed from CE-Next to 2.6.0
Updated by Jim Pingle about 3 years ago
- Subject changed from deleteVIP() does not check IPsec PH1 to Validation when deleting a VIP does not check if the VIP is used by IPsec phase 1 entries
Updating subject for release notes.