Bug #14007: Using PF reserved keywords for interface descriptions results in an invalid ruleset - pfSense - pfSense bugtracker

Actions

Copy link

Bug #14007

closed

Using PF reserved keywords for interface descriptions results in an invalid ruleset

Added by Marcos M about 1 year ago. Updated about 1 year ago.

Status:

Resolved

Priority:

Normal

Assignee:

Jim Pingle

Category:

Aliases / Tables

Target version:

2.7.0

Start date:

Due date:

% Done:

100%

Estimated time:

Plus Target Version:

23.05

Release Notes:

Default

Affected Version:

Affected Architecture:

Description

Interface descriptions are used to generate system aliases placed in /tmp/rules.debug. Interface descriptions are checked against the reserved aliases list leading to firewall rules failing to be generated.

Example:
user = "{ lagg0.66 }"

        <opt9>
            <descr><![CDATA[user]]></descr>
            <if>lagg0.66</if>
            <enable></enable>
            <ipaddr>10.60.6.1</ipaddr>
            <subnet>24</subnet>
            <spoofmac></spoofmac>
        </opt9>

There were error(s) loading the rules: /tmp/rules.debug:19: syntax error - The line in question reads [19]: user = "{ lagg0.66 }"

Reserved list: https://github.com/pfsense/pfsense/blob/master/src/etc/inc/globals.inc#L223

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Bug #14007

Using PF reserved keywords for interface descriptions results in an invalid ruleset

Updated by Marcos M about 1 year ago

Updated by Jim Pingle about 1 year ago

Updated by Jim Pingle about 1 year ago

Updated by Jim Pingle about 1 year ago

Updated by Jim Pingle about 1 year ago

Updated by Georgiy Tyutyunnik about 1 year ago

Updated by Jim Pingle about 1 year ago