Hi all,
today we ran into the situation that a firewall rule didn't work. The rule uses a network alias called "localnetworks" for network 10.197.216.0/21 as destination. Traffic to this network should be rejected, but the rule never matched.
The configuration of the alias looked ok to me. The alias was enabled.
When looking at "Firewall" - "Diagnostics" - "Aliases" and choosing the alias "localnetworks" from the dropdown there is no entry in the table. The table is empty.
What fixed it for us: Disable the alias, click "Apply", enable the alias again, click "Apply". Now the table in the Diagnostic area is populated again and the rule matches.
So far, so good. :)
Now when I click "Flush" in the diagnostic area, the network "10.197.216.0/21" is removed from the table. After this, the table stays empty. Looking at the documentation, this table should be repopulated immediately (cf. the Warning at the end of this section https://docs.opnsense.org/manual/aliases.html#hosts).
Is this the expected behavior here, i.e. should the table be left empty? If so, clicking flush has serious implications regarding the firewall rules.
Thanks
Arno
Hi
is 23.1.5_2 installed
Quote: "Is this the expected behavior here"
Don't think so. Should be restored within 1 min imho.
There are issues with Aliases that have been fixed whereby the Aliases are empty exactly as you describe.
Please ensure you are running 23.1.5_4
We were running OPNsense 23.1.5. I just updated to OPNsense 23.1.5_4 and now the alias seems to be restored shortly after clicking the flush button.
Thanks for the help! :-)