Project

General

Profile

Bug #9140

Erroneous port shown in firewall log details when using port alias

Added by S P 23 days ago. Updated 17 days ago.

Status:
New
Priority:
Very Low
Assignee:
-
Category:
Logging
Target version:
-
Start date:
11/20/2018
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.4.x
Affected Architecture:

Description

When using Port aliases, in the firewall log, when clicking on 'action' the triggering port seems to always be the first of the list.

As for the images, the triggering port is the 21, the port shown in 'detail' is 1001
the port list goes something like: 1001, 21, ...

log.png (4.1 KB) log.png S P, 11/20/2018 07:43 AM
detail.png (10.1 KB) detail.png S P, 11/20/2018 07:43 AM

History

#1 Updated by Jim Pingle 17 days ago

That's a side effect of how pf parses and reports the rules.

We write out the rule just once with a tracking ID in rules.debug, pf parses it and internally makes three separate rules, all with the same tracking ID.

It might be possible to fuss with the matching to make it print the expected port number there but I'm not certain it would be worth the effort.

Also available in: Atom PDF