Project

General

Profile

Bug #8783

Saving Captive Portal Zone removes Captive Portal rules

Added by Jim Pingle about 1 year ago. Updated about 1 year ago.

Status:
Resolved
Priority:
Very High
Assignee:
Category:
Captive Portal
Target version:
Start date:
08/14/2018
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.4.4
Affected Architecture:
All

Description

When saving a Captive Portal zone, the rules disappear. Only way I've seen to bring them back is a reboot. After saving

Rules before saving:

: ipfw list
01000 skipto tablearg ip from any to any via table(cp_ifaces)
01100 allow ip from any to any
02100 pipe tablearg ip from any to any MAC table(myzone_pipe_mac)
02101 allow pfsync from any to any
02102 allow carp from any to any
02103 allow ip from any to any layer2 mac-type 0x0806,0x8035
02104 allow ip from any to any layer2 mac-type 0x888e,0x88c7
02105 allow ip from any to any layer2 mac-type 0x8863,0x8864
02106 deny ip from any to any layer2 not mac-type 0x0800,0x86dd
02107 allow ip from any to table(myzone_host_ips) in
02108 allow ip from table(myzone_host_ips) to any out
02109 allow ip from any to 255.255.255.255 in
02110 allow ip from 255.255.255.255 to any out
02111 pipe tablearg ip from table(myzone_allowed_up) to any in
02112 pipe tablearg ip from any to table(myzone_allowed_down) in
02113 pipe tablearg ip from table(myzone_allowed_up) to any out
02114 pipe tablearg ip from any to table(myzone_allowed_down) out
02115 pipe tablearg ip from table(myzone_auth_up) to any layer2 in
02116 pipe tablearg ip from any to table(myzone_auth_down) layer2 out
02117 fwd 127.0.0.1,8003 tcp from any to any 443 in
02118 fwd 127.0.0.1,8002 tcp from any to any 80 in
02119 allow tcp from any to any out
02120 skipto 65534 ip from any to any
65534 deny ip from any to any
65535 allow ip from any to any

Rules after saving:

: ipfw list
01000 skipto tablearg ip from any to any via table(cp_ifaces)
01100 allow ip from any to any
65534 deny ip from any to any
65535 allow ip from any to any

Saving again doesn't bring the rules back, it still only shows the truncated list.

This is a recent regression, it wasn't happening a week or two ago.

History

#1 Updated by Steve Beaver about 1 year ago

  • Assignee set to Anonymous

#2 Updated by Steve Beaver about 1 year ago

  • Status changed from New to This Sprint

#3 Updated by Jim Pingle about 1 year ago

Possibly related to #8744

#4 Updated by Steve Beaver about 1 year ago

  • Status changed from This Sprint to Feedback
  • Assignee changed from Anonymous to Steve Beaver

An update has been made to the pfSense PHP module to correct another issue. It is likely to have fixed this one too.

Please re-test after the next snapshot

#5 Updated by Jim Pingle about 1 year ago

  • Status changed from Feedback to Resolved

This is working now. After saving the correct rules are still present. Thanks!

Also available in: Atom PDF