Project

General

Profile

Actions

Correction #13699

open

Clarification to URL / URL Table Aliases in Docs

Added by Jens Groh 2 months ago. Updated 2 months ago.

Status:
New
Priority:
Normal
Assignee:
Category:
Firewall Rules
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:

Description

Hi,

I got a mail by a customer that was a bit confused about the wording on the docs page concerning the differences between URL and URL Table style aliases. The docs state in https://docs.netgate.com/pfsense/en/latest/firewall/aliases.html#alias-settings

URL (IP or Port)
The alias is built from the content returned by the specified URL, but is read only a single time. Once added, it becomes a normal network or port type alias.

A bit further below in https://docs.netgate.com/pfsense/en/latest/firewall/aliases.html#url-aliases it states in the last paragraph

For a URL type alias, the contents of the alias are re-fetched every 24 hours from the stored URL by the firewall.

So that results in a bit of confusion with the customer and after reading it myself now I'm not sure myself if understood correctly ;)
IS the URL type refreshing the alias after 24h (without any chance to configure the interval like the URL table with the CIDR dropdown repurposed) or is the first sentence correct and it is pulled a single time and then "converted" to a network or port alias (depending on the input of the URL)?

Perhaps that should be worded a bit more clear :)

Cheers
Jens

Actions #1

Updated by Jim Pingle 2 months ago

  • Assignee set to Jim Pingle

The behavior did change over time so neither one of those is quite right.

The top part is wrong because it doesn't turn into a regular alias, it stays a URL type alias but the config contains both the original URL and the addresses from the alias so the size limit and such is still relevant. Editing the alias and re-saving will cause the URLs to be re-fetched and update the configuration.

The bottom part is wrong since the automatic update part only applies to URL table aliases.

Actions #2

Updated by Jens Groh 2 months ago

Jim Pingle wrote in #note-1:

The bottom part is wrong since the automatic update part only applies to URL table aliases.

So I'm right in remembering, that URL-style aliases are only fetched once (and again every edit but then stay static) and only tables are refreshed by days configured? (Of course pfBNG can refresh them sooner if used, only talking core functionality here)

Thanks,
\jens

Actions #3

Updated by Jim Pingle 2 months ago

Jens Groh wrote in #note-2:

So I'm right in remembering, that URL-style aliases are only fetched once (and again every edit but then stay static) and only tables are refreshed by days configured? (Of course pfBNG can refresh them sooner if used, only talking core functionality here)

Correct, URL aliases are fetched on save, URL table aliases are updated by cron with the exact timing based on their configuration.

Actions

Also available in: Atom PDF