Project

General

Profile

Actions

Bug #14631

closed

ACL on DNS Resolver is not updated list after IPs changed on interfaces

Added by aleksei prokofiev over 1 year ago. Updated 11 months ago.

Status:
Duplicate
Priority:
Normal
Assignee:
-
Category:
DNS Resolver
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default
Affected Version:
Affected Architecture:

Description

ACL on DNS Resolver is not updated list after IPs changed on interfaces.
How to repruduce:
1. Create new interface
2. DNS resolver with default settings with choose ALL int
3. Check ACL on DNS resolver, all network will be presented as allow
4. Change IP on interface
5. Check ACL on DNS resolver, it shows old network, the new won't be presented until restart resolver.
So if the hosts uses default DNS from pfSense interface, they get DNS queries with refuse flag.

Before IP change

Change IP on int

Check ACL, no update, still old network

After restart resolver, the list is updated

The same behaviour on 2.7.0
Also tested on 2.6.0 and it is working fine, no need restart resolver to update ACL list.


Files

clipboard-202307310941-lra8i.png (18.2 KB) clipboard-202307310941-lra8i.png aleksei prokofiev, 07/31/2023 06:42 AM
clipboard-202307310942-y6uwi.png (35.9 KB) clipboard-202307310942-y6uwi.png aleksei prokofiev, 07/31/2023 06:42 AM
clipboard-202307310943-dvhyx.png (11.6 KB) clipboard-202307310943-dvhyx.png aleksei prokofiev, 07/31/2023 06:43 AM
clipboard-202307310944-hxopr.png (11.8 KB) clipboard-202307310944-hxopr.png aleksei prokofiev, 07/31/2023 06:44 AM
clipboard-202307310946-gaj3j.png (11.3 KB) clipboard-202307310946-gaj3j.png aleksei prokofiev, 07/31/2023 06:46 AM
Screenshot 2023-12-19 at 7.57.24 PM.png (381 KB) Screenshot 2023-12-19 at 7.57.24 PM.png Jonathan Lee, 12/20/2023 03:57 AM

Related issues

Is duplicate of Bug #15071: Applying interface changes may not update default ACLs for the DNS ResolverResolvedMarcos M

Actions
Actions

Also available in: Atom PDF