OPNsense Forum
Archive => 18.7 Legacy Series => Topic started by: bb-mitch on November 05, 2018, 07:09:51 am
-
In my configuration, I have two hosts using HA/CARP.
On primary / carp master, go to Firewall -> Diagnostics -> States Dump
Filter on an IP. Press Kill.
Refilter on the same IP, the states do not seem to be cleared.
Pressed X on each state, and then filter on the same IP.
The states do not seem to be cleared.
I took the host in question offline. Repeated the process. I did this to ensure the host was not re-establishing the states before I could see them deleted.
So then I complete reset the states with Firewall -> Diagnostics -> States Reset
Now the states are gone. I haven't had to do this often, but I'm pretty sure this worked properly in 18.1.x - is there something wrong with my procedure?
Thanks!
M
-
Can anyone confirm / deny?
If I kill off a state, it doesn't seem to be removed, but killing all states does work.
Will upgrade another router currently not in an HA set and see if I can duplicate the findings there.
Thanks!
-
Same Here.
Filter -> KILL (click on X) then re filter, still there.
Any suggestions ?
-
This should do the trick for 19.1, but it doesn't patch on 18.7 at the moment:
https://github.com/opnsense/core/commit/5a95ccfef3
The issue seems to be that some states have direction "in" where srcip and dstip needto be reversed for the removal on the command line. It's more of a GUI convenience trick that causes the tool underneath to break. Everything else on that page works including removing "out" states.
Cheers,
Franco