Project

General

Profile

Actions

Feature #14448

closed

Support interface groups in firewall rule source/destination fields

Added by Chris M Scott 11 months ago. Updated 6 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Rules / NAT
Target version:
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
23.09
Release Notes:
Default

Description

You can select interface networks as a source/destination. It would be useful to be able to select an interface group as well for total abstraction


Related issues

Is duplicate of Feature #746: Add interface group to source/dest drop downsDuplicate07/19/2010

Actions
Actions #1

Updated by Chris M Scott 11 months ago

You can select interface networks as a source/destination. It would be useful to be able to select an interface group as well for total abstraction and a singe source of truth

Actions #2

Updated by Marcos M 10 months ago

  • Project changed from pfSense Plus to pfSense
  • Category changed from Rules / NAT to Rules / NAT
Actions #3

Updated by Marcos M 9 months ago

  • Status changed from New to In Progress
  • Assignee set to Marcos M
Actions #4

Updated by Marcos M 9 months ago

  • Status changed from In Progress to Pull Request Review
Actions #5

Updated by Lev Prokofev 9 months ago

Tested on

23.05.1-RELEASE (amd64)
built on Wed Jun 28 03:57:27 UTC 2023
FreeBSD 14.0-CURRENT

Option to choose "interface group" network appears in the firewall rules, pfctl shows created rules after a filter reload

pass in quick on igb1 inet proto tcp from 10.0.10.0/24 to any flags S/SA keep state label "USER_RULE" label "id:1690478259" ridentifier 1690478259
pass in quick on igb1 inet proto tcp from 192.168.10.0/24 to any flags S/SA keep state label "USER_RULE" label "id:1690478259" ridentifier 1690478259
USER_RULE id:1690478259 114 0 0 0 0 0 0 0
USER_RULE id:1690478259 14 0 0 0 0 0 0 0
Actions #6

Updated by Georgiy Tyutyunnik 9 months ago

tested on:

Version 2.7.0-RELEASE (amd64)
built on Wed Jun 28 03:53:34 UTC 2023
FreeBSD 14.0-CURRENT

Version 23.05.1-RELEASE (amd64)
built on Wed Jun 28 03:57:27 UTC 2023
FreeBSD 14.0-CURRENT

works solid. you can refer to the interface group networks even if some members don't have a subnet on them, and it doesn't break anything

Actions #7

Updated by Marcos M 9 months ago

  • Status changed from Pull Request Review to Feedback
  • % Done changed from 0 to 100
Actions #8

Updated by Marcos M 9 months ago

  • Subject changed from Add interface group alias to firewall rules dialog to Support interface groups in firewall rule source/destination fields
  • Status changed from Feedback to Resolved
  • Target version set to 2.8.0
  • Plus Target Version set to 23.09
Actions #9

Updated by Jim Pingle 6 months ago

  • Target version changed from 2.8.0 to 2.7.1
Actions #10

Updated by Marcos M 3 months ago

  • Is duplicate of Feature #746: Add interface group to source/dest drop downs added
Actions

Also available in: Atom PDF