Bug #13507
closed
Copying multiple rules at the same time results in new rules with duplicate tracker IDs
Added by Marcos M about 2 years ago.
Updated over 1 year ago.
Plus Target Version:
23.01
Description
Tested on 22.05 and 22.11.
- Select two rules on the LAN
- Click the
Copy button on the bottom of the page
- Select a new interface
- Click
Paste
Results
anchor "userrules/*"
pass in quick on $LAN inet from 192.168.1.1/32 to any ridentifier 0100000101 keep state label "USER_RULE: Default allow LAN to any rule" label "id:0100000101"
pass in quick on $LAN inet from 192.168.1.1/32 to any ridentifier 1663817371 keep state label "USER_RULE: Default allow LAN to any rule" label "id:1663817371"
pass in quick on $OPT1 inet from 192.168.2.1/32 to any ridentifier 1663817432 keep state label "USER_RULE: Default allow LAN to any rule" label "id:1663817432"
pass in quick on $OPT1 inet from 192.168.2.1/32 to any ridentifier 1663817432 keep state label "USER_RULE: Default allow LAN to any rule" label "id:1663817432"
Note: This can lead to the firewall logs showing logs for a different match, e.g. logging a block rule with the description of a pass rule. If possible, the fix should be retroactive.
- Related to Bug #13518: Firewall Rules get duplicated <rule> <id></id><tracker>1664099550</tracker> after Copy Tracking ID added
- Related to deleted (Bug #13518: Firewall Rules get duplicated <rule> <id></id><tracker>1664099550</tracker> after Copy Tracking ID)
- Has duplicate Bug #13518: Firewall Rules get duplicated <rule> <id></id><tracker>1664099550</tracker> after Copy Tracking ID added
- Target version set to 2.7.0
- Plus Target Version changed from 22.11 to 23.01
- Assignee set to Jim Pingle
- Status changed from New to In Progress
Looks like a simple fix, it's using microtime inside a loop and it should just be using that once as a starting value and increasing from there.
- Status changed from In Progress to Feedback
- % Done changed from 0 to 100
there is no duplication after copy/past the rules.
anchor "userrules/*"
pass in quick on $WAN reply-to ( em0 10.100.100.1 ) inet from any to any ridentifier 1670093227 keep state label "USER_RULE" label "id:1670093227"
pass in quick on $LAN inet proto tcp from 192.168.1.0/24 to any ridentifier 1670108040 flags S/SA keep state label "USER_RULE: test_copy" label "id:1670108040"
pass in quick on $LAN inet proto udp from 192.168.1.1 to any ridentifier 1670108176 keep state label "USER_RULE: test_UDP" label "id:1670108176"
pass in quick on $OPT2 inet proto tcp from 172.18.88.0/24 to any ridentifier 1670108187 flags S/SA keep state label "USER_RULE: test_copy" label "id:1670108187"
pass in quick on $OPT2 inet proto udp from 172.18.88.1 to any ridentifier 1670108188 keep state label "USER_RULE: test_UDP" label "id:1670108188"
23.01-DEVELOPMENT (amd64)
built on Fri Dec 02 06:04:48 UTC 2022
- Status changed from Feedback to Resolved
- Subject changed from Copying multiple rules at the same time results in new rules with duplicate ridentifiers to Copying multiple rules at the same time results in new rules with duplicate tracker IDs
Updating subject for release notes.
- Affected Version set to 2.7.0
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by