OPNsense Forum

Archive => 19.1 Legacy Series => Topic started by: advcron on April 17, 2019, 02:58:58 pm

Title: [Solved] Alias Group Problem
Post by: advcron on April 17, 2019, 02:58:58 pm

OPNsense ver: 19.1.6

I can't add more then 4 exist alias to new alias (alias group). The file /var/db/aliastables/IP_Serwery_ALL.txt shows only content of first 4 alias ip.

 /var/db/aliastables/IP_Serwery_ALL.txt
192.168.1.10 -> Serwer_IPXE
192.168.0.11 -> Serwer_Nagios
192.168.0.12 -> Serwer_NAS
192.168.0.13 -> Serwer_AV

Should be :

 /var/db/aliastables/IP_Serwery_ALL.txt
192.168.1.10 -> Serwer_IPXE
192.168.0.11 -> Serwer_Nagios
192.168.0.12 -> Serwer_NAS
192.168.0.13 -> Serwer_AV
192.168.0.14 -> Serwer_AD


Also After click Apply button this kind of alias not update.
Update only when I remove  /var/db/aliastables/IP_Serwery_ALL.md5.txt or change md5 sum

Title: Re: Alias Group Problem
Post by: cguilford on April 17, 2019, 09:29:34 pm

Try:
opnsense-patch 50c25ea

Per - https://forum.opnsense.org/index.php?topic=12407.15

If that doesn't work try the other patch on the discussion

opnsense-patch ea2f217cf

Title: Re: Alias Group Problem
Post by: advcron on April 17, 2019, 10:04:41 pm

I have apply those patch:
opnsense-patch 50c25ea
opnsense-patch ea2f217cf

still doesn't work   :-[

Title: Re: Alias Group Problem
Post by: advcron on April 18, 2019, 11:24:03 am

More detail:
1. Opnense was installed from OPNsense-19.1.4-OpenSSL-dvd-amd64.iso
2. Host Alias with content of ip/net working/update well. Except situation in point 4.
3. Host Alias with content of anather alias (alias group). Not working.
a) Max entries of exist alias in alias group is five.
With max 5 entires files contains correct list of addresses. :
/var/db/aliastables/self.txt
/var/db/aliastables/md5.txt
/var/db/aliastables/*.txt
4. More then 5 entries couse that the anather host aliases (not group alias)  stop working well. Not update.
5. ALL alias group files (even witch three entries) dosen't update when we click Apply. We have to delete or change md5 sum file in /var/db/aliastables.
6. Delete alias not erase files in /var/db/aliastables and still exist in pftable.


Update:
Removing all three "|encode_idna" in file

Code: [Select]

/usr/local/opnsense/service/templates/OPNsense/Filter/filter_tables.conf fix Problem in point 3,4

Error in point 5,6 still exist.

Title: Re: Alias Group Problem
Post by: Steven on April 19, 2019, 01:40:05 pm

Quote

6. Delete alias not erase files in /var/db/aliastables and still exist in pftable.

If you reboot firewall this will clear out deleted alias from pfTable.

Title: Re: Alias Group Problem
Post by: advcron on April 19, 2019, 03:49:11 pm

Quote from: Steven on April 19, 2019, 01:40:05 pm

Quote

6. Delete alias not erase files in /var/db/aliastables and still exist in pftable.

If you reboot firewall this will clear out deleted alias from pfTable.

But it is not normal. I can not alwayes reboot firewall after delete aliases.

Wysłane z mojego Mi-4c przy użyciu Tapatalka

Title: Re: Alias Group Problem
Post by: advcron on April 21, 2019, 10:53:45 pm

Problem solved!

1. Empty pftables
Removing all three "|encode_idna" in file

Code: [Select]

/usr/local/opnsense/service/templates/OPNsense/Filter/filter_tables.conf2. After delete alias entry in pftables still exist

Code: [Select]

opnsense-patch e7840273. Alias group not update immediately after click apply

Code: [Select]

opnsense-patch 3dc5f71
https://github.com/opnsense/core/issues/3431
https://github.com/opnsense/core/issues/3432