Bug #1323
closed
Wrong rule file generation with build "Thu Mar 3 19:27:51 EST 2011"
100%
Description
The file which creates rules for pf (probably filter.inc) is creating wrong lines for rules which have no specific protocol.
It may have been introduced before this build.
Generated rules look like:
pass log quick on { WANs openvpn } proto from any to 10.0.0.16 keep state label "USER_RULE: Test"
pass in log quick on $BACKUPINTERFACE proto from 10.0.0.1/24 to ! 10.0.0.0/8 keep state label "USER_RULE: LoadBalance"
You can see that there's "proto" followed by no protocol. Removing "proto" fixes the issue.
I'll try to provide a fix later. However, I currently cannot access my router over SSH; it seems there's another issue with the anti-lockout rule not really working anymore.
Updated by Martin Dupont over 13 years ago
/etc/inc/filter.inc, change line 1763 into
if(isset($rule['protocol']) && !empty($rule['protocol'])) {
Updated by Jim Pingle over 13 years ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset 1b761f36b7c2c484f894e6412a1efad769533696.
Updated by Chris Buechler over 13 years ago
- Status changed from Feedback to Resolved
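
A lint for the symptom reported in the description ("proto" with no protocol after it), added here as an example and not part of the ticket or of pfSense's own code. The keyword list, the function names and the last two sample rules are assumptions constructed for illustration; the first two sample rules are the ones quoted in the report.

```python
import re

# Tokens that may follow the protocol slot in a pf rule (assumed, non-exhaustive).
# If one of them comes directly after "proto", the protocol itself is missing.
FOLLOWERS = {"from", "to", "all", "keep", "modulate", "synproxy", "no",
             "flags", "label", "tag", "tagged", "user", "group"}

QUOTED = re.compile(r'"[^"]*"')


def tokens(line):
    """Split a rule into tokens, ignoring label text and trailing comments."""
    line = QUOTED.sub('"_"', line)      # label contents must not be scanned
    line = line.split("#", 1)[0]        # drop a trailing comment
    return line.replace("{", " { ").replace("}", " } ").replace(",", " ").split()


def empty_proto(line):
    """True if the rule has 'proto' with nothing, a keyword, or '{ }' after it."""
    toks = tokens(line)
    for i, tok in enumerate(toks):
        if tok != "proto":
            continue
        nxt = toks[i + 1:i + 3]
        if not nxt or nxt[0] in FOLLOWERS:
            return True
        if nxt[0] == "{" and (len(nxt) < 2 or nxt[1] == "}"):
            return True
    return False


def lint(ruleset):
    """Return (line_number, line) for every rule with an empty protocol slot."""
    return [(n, line) for n, line in enumerate(ruleset.splitlines(), 1)
            if empty_proto(line)]


# Lines 1-2: rules quoted in the report. Lines 3-4: constructed valid rules.
SAMPLE = """\
pass log quick on { WANs openvpn } proto from any to 10.0.0.16 keep state label "USER_RULE: Test"
pass in log quick on $BACKUPINTERFACE proto from 10.0.0.1/24 to ! 10.0.0.0/8 keep state label "USER_RULE: LoadBalance"
pass in quick on em0 proto tcp from any to any port 22 keep state label "USER_RULE: proto from label"
pass in quick on em0 proto { tcp udp } from any to any port 53 keep state
"""

if __name__ == "__main__":
    for n, line in lint(SAMPLE):
        print(f"line {n}: 'proto' without a protocol: {line}")
```

pf's own parser remains the authoritative check (`pfctl -nf <file>` parses a ruleset without loading it); this lint only pinpoints the offending lines.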