Project

General

Profile

Actions

Bug #3208

closed

interface name over 17 characters long results in pf errors

Added by Adam Thompson over 10 years ago. Updated almost 10 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Rules / NAT
Target version:
Start date:
09/17/2013
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.1
Affected Architecture:

Description

Renaming an interface to, in my case, RD_LOM_DISTRIBUTION caused this error:

Sep 17 18:43:39 f1 php: rc.bootup: New alert found: There were error(s) loading the rules: /tmp/rules.debug:177: rule label too long (max 63 chars) - The line in question reads [177]: block in log quick on $RD_LOM_DISTRIBUTION from 192.168.0.0/16 to any label "Block private networks from RD_LOM_DISTRIBUTION block 192.168/16"

I didn't test to see if the problem went away with RD_LOM_DISTRIBUTIO or RD_LOM_DISTRIBUTI but based on the error message, one of those should work. I always make fencepost errors when adding up things like this.

I'm unsure if the appropriate action is to limit the length of an interface name, or to truncate the pf labels at 63 chars when generating /tmp/rules.debug.

Actions #1

Updated by Renato Botelho over 10 years ago

  • Category set to Rules / NAT
  • Target version set to 2.1.1
Actions #2

Updated by Renato Botelho over 10 years ago

  • Priority changed from High to Normal
Actions #3

Updated by Renato Botelho over 10 years ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100
Actions #5

Updated by Renato Botelho about 10 years ago

  • Status changed from Feedback to Resolved
Actions #6

Updated by Damien Montalan almost 10 years ago

The problem persists in 2.1.3 release, if interface is an Interface Group of more than 15 characters

Actions

Also available in: Atom PDF