Project

General

Profile

Actions

Bug #14637

closed

PHP shell script ``pfanchordrill`` shows duplicate anchor content

Added by Marcos M over 1 year ago. Updated about 1 year ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Console Menu
Target version:
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
23.09
Release Notes:
Default
Affected Version:
Affected Architecture:

Description

23.09-DEVELOPMENT][root@gw]/root: cat /tmp/_r
pass in quick on ovpns1 inet from 172.25.1.50 to 10.0.0.0/16
[23.09-DEVELOPMENT][root@gw]/root: pfctl -a openvpn/test -f /tmp/_r
[23.09-DEVELOPMENT][root@gw]/root: pfSsh.php playback pfanchordrill
[...]
natrules rules/nat contents:

openvpn rules/nat contents:

openvpn/test rules/nat contents:
pass in quick on ovpns1 inet from 172.25.1.50 to 10.0.0.0/16 flags S/SA keep state

openvpn/test rules/nat contents:
pass in quick on ovpns1 inet from 172.25.1.50 to 10.0.0.0/16 flags S/SA keep state

tftp-proxy rules/nat contents:
[...]
[23.09-DEVELOPMENT][root@gw]/root: pfctl -vsA
  ipsec
  miniupnpd
  natearly
  natrules
  openvpn
  openvpn/test
  tftp-proxy
[...]
[23.09-DEVELOPMENT][root@gw]/root: pfctl -a openvpn/test -sr
pass in quick on ovpns1 inet from 172.25.1.50 to 10.0.0.0/16 flags S/SA keep state

Related issues

Related to Bug #14577: OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``Needs PatchMarcos M

Actions
Actions #1

Updated by Marcos M over 1 year ago

  • Status changed from New to Pull Request Review
  • Target version set to 2.8.0
  • Plus Target Version set to 23.09

https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1054

For future reference, pfctl -vsA loops through L3 rules first, then Ethernet rules which can result in duplicate anchor names being shown.

Actions #2

Updated by Marcos M over 1 year ago

  • Related to Bug #14577: OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp`` added
Actions #3

Updated by Marcos M over 1 year ago

  • Status changed from Pull Request Review to Feedback
  • % Done changed from 0 to 100
Actions #4

Updated by Jim Pingle over 1 year ago

  • Subject changed from pfanchordrill shows duplicate anchors to PHP shell script ``pfanchordrill`` shows duplicate anchor content

Updating subject for release notes.

Actions #5

Updated by Danilo Zrenjanin over 1 year ago

  • Status changed from Feedback to Resolved

The patch fixes it.

I am marking the ticket resolved.

Actions #6

Updated by Jim Pingle about 1 year ago

  • Target version changed from 2.8.0 to 2.7.1
Actions

Also available in: Atom PDF