151
23.7 Legacy Series / Aliases ignored in rules since 23.7.8_1/3.0.12
« on: November 16, 2023, 05:09:33 am »
Hi Franco,
Here's an example taken from one of the FWs I moved on to 3.0.12 which hasn't been otherwise modified in a long time other than regular patching.
I already had he alias created or a while, just moved it now at the top and added the explicit deny right after.
Verified in conf.xml the alias_uuid matches in both rule and alias sections, aliases are enabled and no other "garbage" appears to be present in the configuration.
As you can see in the screenshot, the rules are simple and the two running pings fail - so the alias is somehow ignored
1. Allow ICMP to Alias (1.1.1.1, 8.8.8.8 and 9.9.9.9)
2. Deny ICMP
The firewalls are now on OPNsense 23.7.8_14.
I'll be back shortly after I deploy a fresh VM and try o reproduce it there on stock 23.7 fully updated.
Here's an example taken from one of the FWs I moved on to 3.0.12 which hasn't been otherwise modified in a long time other than regular patching.
I already had he alias created or a while, just moved it now at the top and added the explicit deny right after.
Verified in conf.xml the alias_uuid matches in both rule and alias sections, aliases are enabled and no other "garbage" appears to be present in the configuration.
As you can see in the screenshot, the rules are simple and the two running pings fail - so the alias is somehow ignored
1. Allow ICMP to Alias (1.1.1.1, 8.8.8.8 and 9.9.9.9)
2. Deny ICMP
The firewalls are now on OPNsense 23.7.8_14.
I'll be back shortly after I deploy a fresh VM and try o reproduce it there on stock 23.7 fully updated.