Bug #13445


``easyrule`` CLI script issues

Added by Jim Pingle 3 months ago. Updated 23 days ago.

Rules / NAT
Target version:
Start date:
Due date:
% Done:


Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:


While updating docs I noticed a few minor issues in the ``easyrule`` CLI script/backend code that need addressing:

  • The protocol validation isn't functional, it's checking if the return value is -1 when it should be comparing to false. Fixing that might break other things, though. Currently the validation only checks if it's a valid protocol name, and it should allow passing a protocol by number as well as a protocol of any.
  • The special network list used to validate special src/dst addresses is incomplete, it's missing (self) -- need to check if the () might not pass through from CLI unless quoted, may need an alternate keyword or at least some help text to show it in quotes.
  • Error messages always say "Host" for src/dst even when passing a network or other keyword, it should use a different term.
  • Interface validation error can't print the invalid value as it's clobbered by a failed validation. It doesn't need to try printing the value anyhow
  • Interface validation allows using the internal name (wan, lan, opt1) or the custom name (FIBER, LAN, DMZ) but it doesn't allow using the OS interface name for assigned interfaces. It should be possible to allow that as well.
  • CLI usage/help text could mention some of the special keywords that can be used (e.g. any for proto/src/dst/port) and maybe print a link to the docs.
Actions #1

Updated by Jim Pingle about 2 months ago

  • Plus Target Version changed from 22.11 to 23.01
Actions #2

Updated by Jim Pingle 23 days ago

  • Status changed from New to In Progress

See also: #13627

Actions #3

Updated by Jim Pingle 23 days ago

  • Status changed from In Progress to Feedback
  • % Done changed from 0 to 100

Also available in: Atom PDF