Bug #4651
closed
Policy route negation rules receive the same tracker ID as the rule they are based upon, which confuses the log parser
100%
Description
If the policy route negation rules are active, the automatic negation rule receives the same tracker ID as the rule it is based upon:
pass in quick on $LAN inet proto tcp from any to <negate_networks> tracker 1429792471 flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination"
pass in quick on $LAN $GWttest inet proto tcp from any to any tracker 1429792471 flags S/SA keep state label "USER_RULE: negate check test"
Since the tracker ID is the same and it comes first in the ruleset, when set to log, the logs show the negate rule as passing the traffic when that is not the case.
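The collision described above can be checked mechanically. This is an added example, not pfSense code: it scans pf rule text for tracker IDs shared by rules with different labels. The first-match lookup in `resolve_first_match` is an assumption about how a tracker-keyed log parser attributes entries, and the third sample rule is constructed.

```python
import re
from collections import defaultdict

# The first two rules are quoted from the report; the third is constructed.
RULES = '''\
pass in quick on $LAN inet proto tcp from any to <negate_networks> tracker 1429792471 flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination"
pass in quick on $LAN $GWttest inet proto tcp from any to any tracker 1429792471 flags S/SA keep state label "USER_RULE: negate check test"
pass in quick on $LAN inet proto udp from any to any tracker 1000000001 keep state label "USER_RULE: constructed sample"
'''

# Capture the numeric tracker ID and the quoted label of a pf rule line.
RULE_RE = re.compile(r'\btracker\s+(\d+)\b.*?\blabel\s+"([^"]*)"')

def parse_rules(text):
    """Return (line_no, tracker, label) for each rule carrying both fields."""
    out = []
    for n, line in enumerate(text.splitlines(), 1):
        m = RULE_RE.search(line)
        if m:
            out.append((n, m.group(1), m.group(2)))
    return out

def tracker_collisions(rules):
    """Map tracker -> [(line_no, label)] where distinct labels share one ID."""
    by_tracker = defaultdict(list)
    for n, tracker, label in rules:
        by_tracker[tracker].append((n, label))
    return {t: hits for t, hits in by_tracker.items()
            if len({label for _, label in hits}) > 1}

def resolve_first_match(rules, tracker):
    """Assumed parser behaviour: attribute a log entry to the first rule
    in ruleset order that carries the logged tracker ID."""
    for _, t, label in rules:
        if t == tracker:
            return label
    return None

if __name__ == "__main__":
    rules = parse_rules(RULES)
    for tracker, hits in tracker_collisions(rules).items():
        print(f"tracker {tracker} is ambiguous:")
        for n, label in hits:
            print(f"  line {n}: {label}")
        print("  log entries resolve to:", resolve_first_match(rules, tracker))
```
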
Updated by Ermal Luçi over 9 years ago
- Status changed from Confirmed to Feedback
- % Done changed from 0 to 100
Applied in changeset be8b480ed1ab787d35f2e8cfeb471b5b898b0fff.
Updated by Ermal Luçi over 9 years ago
Applied in changeset 65ceb82d1e0727c0b0c2dcd3f8aa65277171ea33.
Updated by Chris Buechler over 9 years ago
- Status changed from Feedback to Confirmed
- Assignee set to Ermal Luçi
The tracker on negate rules always ends up as "1" now.
Updated by Ermal Luçi over 9 years ago
- Status changed from Confirmed to Feedback
Just a global correction.
Updated by Ermal Luçi over 9 years ago
Applied in changeset 8c9216d5f2be3dda86032b24b187aba3328db0a8.
Updated by Ermal Luçi over 9 years ago
Applied in changeset cba32cb1d87b813792a0f8caaf68a22f66af76e3.