Bug #13908: Firewall rules are not reloaded when removing a VIP, outdated rules/entries remain active - pfSense - pfSense bugtracker

Actions

Copy link

Bug #13908

closed

Firewall rules are not reloaded when removing a VIP, outdated rules/entries remain active

Added by Danilo Zrenjanin about 1 year ago. Updated about 1 year ago.

Status:

Resolved

Priority:

Normal

Assignee:

Jim Pingle

Category:

Virtual IP Addresses

Target version:

2.7.0

Start date:

Due date:

% Done:

100%

Estimated time:

Plus Target Version:

23.05

Release Notes:

Default

Affected Version:

Affected Architecture:

Description

Carp automatically generated rules generated after defining a CARP VIP don't get removed after removing the CARP VIP.

If you manually run the filter reload, the rules will get removed.

Steps to reproduce:

Define a CARP VIP on the WAN interface

Confirm that the rules have been created in the /tmp/reles.debug file.

# CARP rules
block in log quick proto carp from (self) to any ridentifier 1000000201
pass  quick proto carp ridentifier 1000000202 no state

Remove the CARP VIP on the WAN interface defined in step 1.
Check the /tmp/reles.debug file again, and the rules will still be present

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Bug #13908

Firewall rules are not reloaded when removing a VIP, outdated rules/entries remain active

Updated by Jim Pingle about 1 year ago

Updated by Jim Pingle about 1 year ago

Updated by Jim Pingle about 1 year ago

Updated by Danilo Zrenjanin about 1 year ago

Updated by Jim Pingle about 1 year ago