Text only | Text with Images

OPNsense Forum

English Forums => 24.7, 24.10 Series => Topic started by: guenti_r on October 25, 2024, 10:13:35 AM

Title: Incorrect rule labels assigned in firewall live view (24.10_7 & 24.7.7)
Post by: guenti_r on October 25, 2024, 10:13:35 AM
Since upgrade to OPNsense 24.10_7-amd64 Business Edition, the labels in the firewall live view are completely wrong. Is there any known issue?

Hopefully this is only a display issue?

EDIT: issue persists also on community edition 24.7.7
Title: Re: Incorrect rule labels assigned in firewall live view (24.10_7)
Post by: Seimus on October 25, 2024, 10:34:20 AM
By labels you mean the descriptions used by rules?
And what do you mean wrong? How they are wrong?

Regards,
S.
Title: Re: Incorrect rule labels assigned in firewall live view (24.10_7)
Post by: guenti_r on October 25, 2024, 10:40:41 AM
Quote from: Seimus on October 25, 2024, 10:34:20 AM
By labels you mean the descriptions used by rules?
And what do you mean wrong? How they are wrong?

Yes, the description and if it is blocked or not, completely wrong.
For example, i have a rule that should allow something (with description/label), the firewall live view shows a wrong (other) rule and blocked instead of allowed, and vice versa.

Hopefully this is only a display-issue. This is a OPNsense-HA-Cluster in a datacenter, so when I saw that, I had a heart attack first.

We have alot of OPNsenseĀ“s out there, thatĀ“s the first time i saw this.
Title: Re: Incorrect rule labels assigned in firewall live view (24.10_7)
Post by: Seimus on October 25, 2024, 11:04:59 AM
Hm similar issues I have seen, when configuring new rules and reordering them.

Usually clearing state table helps (keep in mind this is disrupting).

Regards,
S.
Title: Re: Incorrect rule labels assigned in firewall live view (24.10_7)
Post by: guenti_r on October 25, 2024, 11:28:43 AM
Does not help, also after rebooting, issue persists.

Just for info, this issue also persists in the community edition OPNsense 24.7.7-amd64
Title: Re: Incorrect rule labels assigned in firewall live view (24.10_7 & 24.7.7)
Post by: Seimus on October 25, 2024, 12:04:11 PM
I just checked this on my unit CE 24.7.7 and I don't see this behavior.

Regards,
S.
Title: Re: Incorrect rule labels assigned in firewall live view (24.10_7 & 24.7.7)
Post by: guenti_r on October 25, 2024, 12:14:54 PM
Quote from: Seimus on October 25, 2024, 12:04:11 PM
I just checked this on my unit CE 24.7.7 and I don't see this behavior.

Thanks for the info.
I checked this on a few firewalls, the problem exists everywhere.
I think this issue belongs to the auto-generated rules.
Title: Re: Incorrect rule labels assigned in firewall live view (24.10_7 & 24.7.7)
Post by: chemlud on October 25, 2024, 12:28:56 PM
no such issue on 24.7.7 here. Changed rules recently?
Title: Re: Incorrect rule labels assigned in firewall live view (24.10_7 & 24.7.7)
Post by: guenti_r on October 25, 2024, 12:35:26 PM
Quote from: chemlud on October 25, 2024, 12:28:56 PM
no such issue on 24.7.7 here. Changed rules recently?

No, only updating OPNsense. Also found it in CE 24.7.6.
To be sure, logging for these rules must be enabled.
And yes, some portforwarding is also required.
Title: Re: Incorrect rule labels assigned in firewall live view (24.10_7 & 24.7.7)
Post by: guenti_r on October 25, 2024, 12:52:31 PM
Screenshot here (just one example),
This is a NAT Rule for incoming HTTPS-Traffic to an internal reverse proxy.
This rule is labelled as "Allow Proxy external HTTPS Access".

But instead it shows a completely wrong label.
Title: Re: Incorrect rule labels assigned in firewall live view (24.10_7 & 24.7.7)
Post by: guenti_r on October 25, 2024, 01:09:42 PM
Just another nonsense, similar rule.
Title: Re: Incorrect rule labels assigned in firewall live view (24.10_7 & 24.7.7)
Post by: guenti_r on October 29, 2024, 12:15:32 PM
It turned out that the auto-generated rules cause this issue.
Hopefully it will fixed soon.
Title: Re: [SOLVED] Incorrect rule labels assigned in firewall live view (24.10_7 & 24.7.7)
Post by: guenti_r on October 30, 2024, 10:36:00 AM
deleted
Text only | Text with Images