Hi,
After altering an old alias and checking under "Firewall: Diagnose: Aliase" no IP is listed.
Doing a quick address it gives me this error:
"Eine API-Ausnahme ist aufgetreten
/usr/local/opnsense/mvc/app/models/OPNsense/Base/BaseModel.php:572: [OPNsense\Firewall\Alias:aliases.alias.f523df65-d602-4a54-ba47-d4e9253cc2ac.content] Eintrag "" ist kein(e) gültige(r) Hostname oder IP-Adresse."
Any ideas?
Thanks
hi yeah
I have to same problem, all my Alias host references no longer work with 21.7.1 release.
I will have to manually create many rules with IP addresses to fix this.
I think it's even worse, something funky with 21.7.1 and NAT
I've reverted back to 21.7 until this gets patched.
to revert go to the Opnsense console -> shell
opnsense-revert -r 21.7 opnsense
then reboot. This worked for me and all my Alias and NAT configs are now working again.
There really isn't a lot in 21.7.1 that is allegedly causing this. Most issues people reported are with GeoIP and tables overflowing due to spikes in GeoIP lists (US/Canada namely).
Just make sure you use an appropriate amount of maximum table entries under Firewall: Settings: Advanced. Anything over 2 million should be a good start if GeoIP is used...
Cheers,
Franco
I don't have any geoip lists, also table entries are over 2 milliions.
So definitely something broke.
What can I check to troubleshoot?
Are any of you using wireguard? If so, there is a problem where entering a dns server IP on the local tab will over-write the dns for the firewall.
If not check the dns IP on the firewall to see what is set to and also check if you are using a resolver. Make sure all the configurations you had are still there.
I'm not using wireguard or GeoIP.
My use-case is NAT translation no longer works for Mapping Alias hosts to OpenVPN Tunnels.
No Wireguard in use.
It's a long time since i had to change something in the firewall.
Now alias does not work, dnsbl wihtelisting does not work, unbound cannot resolve because of alias.
Api error occurs when i add an address, so I think something is broke.
Any ideas to troubleshoot?
I tried it, changed some Alias and looked, if it works correctly. Everything fine here.
In the past iirc some had problems with Aliases that resolved by deleting and re-creating the Aliases in question...
Recreating alias and rules worked. Thanks!
Still getting api errors:
[11-Aug-2021 12:11:41 Europe/Zurich] Phalcon\Validation\Exception: [OPNsense\Firewall\Alias:aliases.alias.ff7499bb-5f1c-4edc-a96a-de2eaec49961.content] Eintrag "" ist kein(e) gültige(r) Hostname oder IP-Adresse.
in /usr/local/opnsense/mvc/app/models/OPNsense/Base/BaseModel.php:572
Stack trace:
#0 /usr/local/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/AliasUtilController.php(256): OPNsense\Base\BaseModel->serializeToConfig()
#1 [internal function]: OPNsense\Firewall\Api\AliasUtilController->addAction('Vagrant')
#2 [internal function]: Phalcon\Dispatcher\AbstractDispatcher->callActionMethod(Object(OPNsense\Firewall\Api\AliasUtilController), 'addAction', Array)
#3 [internal function]: Phalcon\Dispatcher\AbstractDispatcher->dispatch()
#4 /usr/local/opnsense/www/api.php(26): Phalcon\Mvc\Application->handle('/api/firewall/a...')
#5 {main}
ooooof, re-creating 50+ Alias and subsequent rules is going to be a mammoth task, i will have to stick to 21.7 for a while until i can arrange a long window of downtime
That sound painful. Hope it works out with out any more issues (it's technology, so we all know what that means).