Project

General

Profile

Bug #6976

Interface group and alias with same name creates firewall syntax error

Added by Sander Peterse 6 months ago. Updated 3 months ago.

Status:
Resolved
Priority:
Normal
Category:
Web Interface
Target version:
Start date:
11/30/2016
Due date:
% Done:

100%

Affected version:
2.3.2
Affected Architecture:

Description

The firewall fails to reload when using the same name for an alias and interface group.

Steps to reproduce:
1. Create interface group with name "TestFirewall" assign atleast one interface.
2. Create alias with name "TestFirewall", for example to IP 8.8.8.8
3. Create a filewall rule on the interface group "TestFirewall" and use the alias "TestFirewall" in this rule.
4. Reload the firewall (apply config changes).
5. PFSense will report a syntax error (red alert icon in the right top of the webinterface).

Associated revisions

Revision ee5284ce
Added by Renato Botelho 5 months ago

Ticket #6976: Check disabled interfaces

Revision 7ec6e283
Added by Renato Botelho 5 months ago

Fix #6976: Make sure interface description, interface name and alias don't have the same name

Revision e4830f02
Added by Renato Botelho 5 months ago

Ticket #6976: Check disabled interfaces

Revision f6e519ec
Added by Renato Botelho 5 months ago

Fix #6976: Make sure interface description, interface name and alias don't have the same name

History

#1 Updated by Jim Pingle 6 months ago

  • Category set to Web Interface
  • Status changed from New to Confirmed
  • Assignee set to Steve Beaver
  • Target version set to 2.4.0

This is also a problem on 2.4.

Input validation should prevent an alias from using a name that is already an interface or group name, and it should also prevent an interface group from using a name used by aliases.

/interfaces_groups_edit.php

- DOES prevent a group name from overlapping an existing interface - This is OK
- DOES NOT prevent a group name from overlapping an alias - This must be fixed

/firewall_aliases_edit.php

- DOES NOT prevent an alias name from overlapping an existing interface (e.g. WAN, OPT1) - This must be fixed
- DOES NOT prevent an alias name from overlapping an interface group name - This must be added

#2 Updated by Renato Botelho 5 months ago

  • Assignee changed from Steve Beaver to Renato Botelho

I'll handle it

#3 Updated by Renato Botelho 5 months ago

  • Status changed from Confirmed to Feedback
  • % Done changed from 0 to 100

#4 Updated by Jim Pingle 5 months ago

  • Status changed from Feedback to Resolved

All of the problem cases work as expected now. Names are rejected as being in use, I was not able to make a conflict.

#5 Updated by Jim Pingle 3 months ago

  • Target version changed from 2.4.0 to 2.3.3

Also available in: Atom PDF