Project

General

Profile

Actions
Copy link

Bug #7173

closed

[2.3.3+] Interface groups with a '-' (dash) in name are not handled correctly, breaking firewall rules

Added by Kill Bill almost 8 years ago. Updated almost 8 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Renato Botelho
Category:
Interfaces
Target version:
2.3.3
Start date:
01/30/2017
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4
Affected Architecture:
All

Description

To reproduce:
- Create an interface group named like prefix-test
- Try to add some firewall rule there and save.

Alternative way to reproduce:
- Install tinc package
- Try to use the pkg-tinc interface in firewall rules

Result:

There were error(s) loading the rules: /tmp/rules.debug:149: macro 'prefix' not defined - The line in question reads [149]: pass in quick on $prefix-test inet from any to any tracker 1485799084 keep state label "USER_RULE"
@ 2017-01-30 17:58:07

Affected versions: RELENG_2_3 and master (no proper choice for 2.3.3 in Redmine).

Related forum thread (only linking the only useful post directly): https://forum.pfsense.org/index.php?topic=124622.msg689044#msg689044

(And while there, the GUI should NOT let users delete an interface group with a reserved pkg- prefix in name while the package that created it is still installed.)

@rbgarga - these were your commits IIRC. https://github.com/pfsense/FreeBSD-ports/pull/149

Actions
Copy link

Also available in: Atom PDF