Project

General

Profile

Actions

Bug #3939

closed

Cannot create Host or Network type alias with an IP address/range

Added by Landon Timothy over 7 years ago. Updated over 7 years ago.

Status:
Resolved
Priority:
High
Category:
Rules / NAT
Target version:
Start date:
10/15/2014
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
All
Affected Architecture:

Description

Affects 2.1.5 release as well as the latest 2.2 build - pfSense-LiveCD-2.2-BETA-amd64-20141015-1437.iso

Repro steps:
Clean install or LiveCD boot.

Create new Host or Network type alias.
With FQDN only - pfctl -T show -t alias shows the resolved IP list.
Add IP/Network to the alias - pfctl -T show -t alias shows 'Table does not exist.'

Table is never created when using only IP/Network for alias.

Upgraded configurations from 2.1.x work, but new aliases created have the issue.

Actions #1

Updated by Chris Buechler over 7 years ago

  • Category set to Rules / NAT
  • Status changed from New to Confirmed
  • Priority changed from Normal to High
  • Target version set to 2.2

Confirmed as described. Create a new host alias containing only "example.com", save and apply changes.

# host example.com 
example.com has address 93.184.216.119
example.com has IPv6 address 2606:2800:220:6d:26bf:1447:1097:aa7
# pfctl -t TestAlias -T show 
   93.184.216.119
   2606:2800:220:6d:26bf:1447:1097:aa7

That's correct. Now edit that alias, and add an IP address in the second box. Save and apply changes.

# pfctl -t TestAlias -T show
pfctl: Table does not exist.
Actions #2

Updated by Chris Buechler over 7 years ago

  • Affected Version set to 2.2
Actions #3

Updated by Renato Botelho over 7 years ago

  • Assignee set to Renato Botelho
Actions #4

Updated by Renato Botelho over 7 years ago

  • Affected Version changed from 2.2 to 2.1.x
Actions #5

Updated by Chris Buechler over 7 years ago

  • Affected Version changed from 2.1.x to All
Actions #6

Updated by Renato Botelho over 7 years ago

  • Status changed from Confirmed to Feedback
  • % Done changed from 0 to 100

Please try next snapshots

Actions #8

Updated by Chris Buechler over 7 years ago

  • Assignee changed from Renato Botelho to Chris Buechler

to me for testing

Actions #9

Updated by Chris Buechler over 7 years ago

  • Status changed from Feedback to Resolved

works

Actions #10

Updated by Renato Botelho over 7 years ago

  • Status changed from Resolved to Assigned
  • Assignee changed from Chris Buechler to Renato Botelho

Ermal pointed that the function I disabled is needed in some specific cases. I'm reviewing

Actions #11

Updated by Renato Botelho over 7 years ago

  • Status changed from Assigned to Feedback

New snapshots will contain last filterdns code

Actions #12

Updated by Chris Buechler over 7 years ago

  • Assignee changed from Renato Botelho to Chris Buechler

to me for testing

Actions #13

Updated by Chris Buechler over 7 years ago

  • Status changed from Feedback to Resolved

fixed

Actions #14

Updated by Landon Timothy over 7 years ago

It looks like there is still an issue with this.
If I create a new alias with 2 networks and 2 FQDN's, all expected entries are in the table.
Add another FQDN, some (or all) of the networks are removed but the resolved FQDN's stay in the table.
The resolver log shows messages like these:

filterdns: Different hostnames(10.0.0.0 - www.pfsense.org) resolve to same ip address
filterdns: Different hostnames(172.16.0.0 - www.pfsense.org) resolve to same ip address

Actions

Also available in: Atom PDF