Bug #12942
closed
Code to kill states for old gateway when reconnecting an interface is incorrect
100%
Description
There are a few places where we may want to clear states using an old gateway when it's no longer valid, and there is some (ineffective) code in some of these places now.
The places this is being done are:
/etc/inc/interfaces.incininterface_bring_down()where it sets$old_router(should be here, but old/bad code was removed a while ago, though the unused code setting$old_routerremains./usr/local/sbin/pfSense-dhclient-scriptwhere it setsOLD_ROUTER/usr/local/sbin/ppp-linkupwhere it setsOLD_ROUTER
These should be using pfctl -k gateway -k <address> either instead of or in addition to the commands already present.
Related issues
Updated by Jim Pingle about 3 years ago
- Related to Feature #12092: Utilize new ``pfctl`` abilities to kill states added
Updated by Jim Pingle about 3 years ago
- Status changed from New to Pull Request Review
MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/673
Might be too aggressive, also might need to cover more interface types.
Relies on some changes in https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/672 so that should be merged first.
Updated by Jim Pingle about 3 years ago
- Blocked by Feature #12931: Retain knowledge of previous dynamic gateway IP address when interface is down added
Updated by Jim Pingle about 3 years ago
- Status changed from Pull Request Review to In Progress
While this does work, it can be harsh and should be made optional if possible. A global option similar to the option to kill states for down gateways is likely sufficient, though a per-gateway or per-interface option would be even better. This only makes sense for dynamic interfaces/gateways, not static. Static interfaces retain their address when they go down while dynamic interfaces such as DHCP, PPP, etc. do not.
Updated by Jim Pingle about 3 years ago
- Status changed from In Progress to New
- Target version changed from 2.7.0 to CE-Next
- Plus Target Version changed from 22.05 to 22.09
Back burner this for now, can revisit soon. The current gateway behavior appears to be sufficient, this might be nice to have but not worth the effort yet.
Updated by Viktor Gurov about 3 years ago
- Related to Feature #12807: Clear Active Secondary WAN Connections added
Updated by Jim Pingle almost 3 years ago
- Plus Target Version changed from 22.09 to 22.11
Updated by Jim Pingle over 2 years ago
- Plus Target Version changed from 22.11 to 23.01
Updated by Jim Pingle over 2 years ago
- Plus Target Version changed from 23.01 to 23.05
Bump this forward again, not enough spare cycles this release to dig into it.
Updated by Jim Pingle about 2 years ago
- Plus Target Version changed from 23.05 to 23.09
Updated by Jim Pingle over 1 year ago
- Plus Target Version changed from 23.09 to 24.01
Updated by Jim Pingle over 1 year ago
- Plus Target Version changed from 24.01 to 24.03
Updated by Marcos M over 1 year ago
- Status changed from New to Pull Request Review
- Assignee changed from Jim Pingle to Marcos M
- Target version changed from CE-Next to 2.8.0
Updated by Marcos M over 1 year ago
- Status changed from Pull Request Review to Feedback
- % Done changed from 0 to 100
Applied in changeset b4df50f412a219e7c58563adb47fe1eabb2c405f.
Updated by Kris Phillips over 1 year ago
Tested bringing up and down a second gateway with state killing enabled on lower priority gateways and state killing for down gateways. Up and down events properly killed states as expected for both scenarios.
Seems to work perfectly, but someone else should test this as well since this is a very large change.
Updated by Marcos M about 1 year ago
- Status changed from Feedback to Resolved
- Release Notes changed from Default to Force Exclusion