Project

General

Profile

Actions
Copy link

Bug #15657

closed

State table entries printed on ``diag_dump_states.php`` may contain an unexpected interface

Added by Marcos M 3 months ago. Updated 7 days ago.

Status:
Resolved
Priority:
Normal
Assignee:
Marcos M
Category:
Diagnostics
Target version:
2.8.0
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
24.11
Release Notes:
Default
Affected Version:
Affected Architecture:

Description

When route-to sends traffic out of a different gateway from the default route, the state's interface is set according to the new gateway/path and the original default route's interface is kept in the origif value. In the following example, igc3 is WAN1 (default gateway) and igc2 is WAN2. The state is a ping sourced from WAN2's address (using the if-bound state policy):

igc2 icmp 192.168.1.253:10514 -> 1.1.1.1:8       0:0
   age 00:00:07, expires in 00:00:09, 7:7 pkts, 588:588 bytes, rule 166, allow-opts
   id: f86ccf6600000000 creatorid: dc608246 route-to: 192.168.1.254@igc2
   origif: igc3

Currently, the diagnostics page lists origif for the interface; instead it should show the "real" interface.

Actions
Copy link
 #1

Updated by Marcos M 3 months ago

The state info is retrieved by calling pfSense_get_pf_states() which in turn populates state info by calling pfSense_append_state(). The following is an example of the state info retrieved:

  array(17) {
    ["if"]=>
    string(4) "igc3" 
    ["proto"]=>
    string(4) "icmp" 
    ["direction"]=>
    string(3) "out" 
    ["src"]=>
    string(18) "192.168.1.253:8717" 
    ["dst"]=>
    string(14) "1.1.1.1:8" 
    ["state"]=>
    string(3) "0:0" 
    ["age"]=>
    string(8) "00:00:07" 
    ["expires in"]=>
    string(8) "00:00:10" 
    ["packets total"]=>
    float(14)
    ["packets in"]=>
    float(7)
    ["packets out"]=>
    float(7)
    ["bytes total"]=>
    float(1176)
    ["bytes in"]=>
    float(588)
    ["bytes out"]=>
    float(588)
    ["rule"]=>
    int(166)
    ["id"]=>
    string(16) "f9cecf6600000000" 
    ["creatorid"]=>
    string(8) "dc608246" 
  }

To resolve the issue, if should contain the "real" interface, and a new origif value can be set when it exists on the state.

Actions
Copy link
 #2

Updated by Marcos M 3 months ago

  • Description updated (diff)
Actions
Copy link
 #3

Updated by Marcos M 3 months ago

  • Status changed from New to Pull Request Review
  • Assignee set to Marcos M
  • Target version set to 2.8.0
  • Plus Target Version set to 24.08
Actions
Copy link
 #4

Updated by Jim Pingle 15 days ago

  • Status changed from Pull Request Review to Feedback
  • % Done changed from 0 to 100

This was merged a couple months ago

Actions
Copy link
 #5

Updated by Jim Pingle 14 days ago

  • Plus Target Version changed from 24.08 to 24.11
Actions
Copy link
 #6

Updated by Jim Pingle 14 days ago

  • Subject changed from Unexpected interface can be listed in Diagnostics > States to State table entries printed on ``diag_dump_states.php`` may contain an unexpected interface
Actions
Copy link
 #7

Updated by Georgiy Tyutyunnik 7 days ago

tested, reproduced on
24.03-RELEASE (amd64)
built on Wed Aug 21 17:32:00 CEST 2024
FreeBSD 15.0-CURRENT

currently fixed, tested on
24.11-ALPHA (amd64)
built on Fri Oct 18 8:00:00 CEST 2024
FreeBSD 15.0-CURRENT

Actions
Copy link
 #8

Updated by Georgiy Tyutyunnik 7 days ago

  • Status changed from Feedback to Resolved
Actions
Copy link

Also available in: Atom PDF