Bug #12991: DNS Resolver ACLs are not updated when OpenVPN networks change - pfSense - pfSense bugtracker

Custom queries

2.4.5-p1 - Resolved/Closed
2.5.0 - Resolved/Closed
2.5.1 - Resolved/Closed
2.5.2 - Resolved/Closed
2.6.0 - Resolved/Closed
2.7.0 - Resolved/Closed
2.7.1 - All Open Issues
2.7.1 - Resolved/Closed
2.7.2 - Resolved/Closed
2.8.0 - All Open Bugs
2.8.0 - All Open Features
2.8.0 - All Open Issues
2.8.0 - All Open Regressions
2.8.0 - Feedback
2.8.0 - Needs Attention
2.8.0 - New/Confirmed
2.8.0 - Pull Requests
2.8.0 - Regressions affecting 2.7.0
2.8.0 - Resolved/Closed
21.02.2/2.5.1 - Resolved/Closed
21.05 Plus - All Closed Issues
21.05.1 Plus Target - All Closed Issues
21.05.1 Target - All Closed Issues
22.01 Plus - All Closed Issues
22.01 Target - All Closed Issues
22.05 Plus - All Closed Issues
22.05 Target - All Closed Issues
23.01 Plus - All Closed Issues
23.01 Target - All Closed Issues
23.05 Plus - All Closed Issues
23.05 Target - All Closed Issues
23.05.1 Plus - All Closed Issues
23.05.1 Target - All Closed Issues
23.09 Plus - All Closed Issues
23.09 Target - All Closed Issues
23.09.1 Plus - All Closed Issues
23.09.1 Target - All Closed Issues
24.03 Plus - All Closed Issues
24.03 Target - All Closed Issues
24.11 Plus - All Closed Issues
24.11 Plus - All Open Issues
24.11 Plus - Feedback Issues
24.11 Plus - Needs Attention/Work
24.11 Plus - New/Confirmed/In Progress Issues
24.11 Target - All Closed Issues
24.11 Target - All Open Issues
25.01 Plus - All Closed Issues
25.01 Plus - All Open Issues
25.01 Plus - Feedback Issues
25.01 Plus - Needs Attention/Work
25.01 Plus - New/Confirmed/In Progress Issues
25.01 Plus - Pull Request Review
25.01 Plus - Waiting on Merge
25.01 Target - All Closed Issues
25.01 Target - All Open Issues
All Open Issues assigned to Me
All Open Pull Requests
Any Target - All Open Regressions
Any Target - Feedback Issues
CE-Next - All Closed Issues (Move to specific target)
CE-Next - All Open Issues
CE-Next - Feedback (Likely needs target changed)
New Issues by Category - Future Target
New Issues by Category - No Target
New Issues by Category - No Target+Future
No Target - All Open Issues (Base Only)
No Target - New Issues (Base Only)
No Target - New Issues (Base and Packages)
Release Notes - Plus Target Version (DO NOT EDIT)
Release Notes - Target Version (DO NOT EDIT)

Actions

Copy link

Bug #12991

closed

DNS Resolver ACLs are not updated when OpenVPN networks change

Added by Viktor Gurov over 2 years ago. Updated over 2 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Viktor Gurov

Category:

DNS Resolver

Target version:

2.7.0

Start date:

Due date:

% Done:

Estimated time:

Plus Target Version:

22.05

Release Notes:

Default

Affected Version:

2.6.0

Affected Architecture:

Description

The access_lists.conf file doesn't get updated automatically after creating a CSO entry. After the manual unbound restart, the CSO subnet was added (#12636#note-5).
Same issue on the OpenVPN Tunnel/Local/Remote network change.

Related issues

Related to Feature #12636: Automatically create DNS Resolver ACLs for OpenVPN CSO entries

Resolved

Viktor Gurov

Actions

Related to Regression #13059: Error when saving changes to a disabled OpenVPN client

Resolved

Marcos M

Actions

Related to Regression #13117: pfBlockerNG DNSBL unbound python mode prevents deletion of OpenVPN server and client configurations

Resolved

Viktor Gurov

Actions

Issue # Delay: days Cancel

History
Notes
Property changes
Associated revisions

Actions

Copy link

Updated by Viktor Gurov over 2 years ago

Related to Feature #12636: Automatically create DNS Resolver ACLs for OpenVPN CSO entries added

Actions

Copy link

Updated by Viktor Gurov over 2 years ago

Assignee set to Viktor Gurov
Target version set to 2.7.0
Plus Target Version set to 22.05

fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/691

Actions

Copy link

Updated by Jim Pingle over 2 years ago

Status changed from New to Pull Request Review

Actions

Copy link

Updated by Viktor Gurov over 2 years ago

Status changed from Pull Request Review to Feedback

Merged:
https://github.com/pfsense/pfsense/commit/1ff9c7c3ee0f060c4fd80a9db04c164cd1e92ec7

Actions

Copy link

Updated by Danilo Zrenjanin over 2 years ago

Tested with the patch against:

2.7.0-DEVELOPMENT (amd64)
built on Mon Mar 28 06:17:26 UTC 2022
FreeBSD 12.3-STABLE

The tunnel network from the server and SCO setup changes automatically update the access_lists.conf file. Yet, I don't think the Local/Remote networks entries should be added to the access_lists.conf file.

Please confirm.

Actions

Copy link

Updated by Viktor Gurov over 2 years ago

Status changed from Feedback to New

Danilo Zrenjanin wrote in #note-5:

Tested with the patch against:
[...]

The tunnel network from the server and SCO setup changes automatically update the access_lists.conf file. Yet, I don't think the Local/Remote networks entries should be added to the access_lists.conf file.

Please confirm.

fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/698

Actions

Copy link

Updated by Jim Pingle over 2 years ago

Status changed from New to Pull Request Review

Actions

Copy link

Updated by Viktor Gurov over 2 years ago

Status changed from Pull Request Review to Feedback

Merged:
https://github.com/pfsense/pfsense/commit/34fc7cd6b5a1b9cb9edafb13cd3dbb4142c66294

Actions

Copy link

Updated by Jim Pingle over 2 years ago

Subject changed from Unbound ACL is not updated on OpenVPN Tunnel/Local/Remote network change to DNS Resolver ACLs are not updated when OpenVPN networks change

Updating subject for release notes.

Actions

Copy link

#10

Updated by Danilo Zrenjanin over 2 years ago

Status changed from Feedback to Resolved

Tested on the:

2.7.0-DEVELOPMENT (amd64)
built on Sat Apr 09 06:19:35 UTC 2022
FreeBSD 12.3-STABLE

It works as expected. Ticket resolved.

Actions

Copy link

#11

Updated by Viktor Gurov over 2 years ago

Related to Regression #13059: Error when saving changes to a disabled OpenVPN client added

Actions

Copy link

#12

Updated by Viktor Gurov over 2 years ago

Related to Regression #13117: pfBlockerNG DNSBL unbound python mode prevents deletion of OpenVPN server and client configurations added

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Bug #12991

DNS Resolver ACLs are not updated when OpenVPN networks change

Updated by Viktor Gurov over 2 years ago

Updated by Viktor Gurov over 2 years ago

Updated by Jim Pingle over 2 years ago

Updated by Viktor Gurov over 2 years ago

Updated by Danilo Zrenjanin over 2 years ago

Updated by Viktor Gurov over 2 years ago

Updated by Jim Pingle over 2 years ago

Updated by Viktor Gurov over 2 years ago

Updated by Jim Pingle over 2 years ago

Updated by Danilo Zrenjanin over 2 years ago

Updated by Viktor Gurov over 2 years ago

Updated by Viktor Gurov over 2 years ago