OPNsense Forum

English Forums => Development and Code Review => Topic started by: DukeSniper on November 24, 2017, 12:27:47 pm

Title: [SOLVED] Feature Request: Use Aliases within Aliases
Post by: DukeSniper on November 24, 2017, 12:27:47 pm

EDIT: after some browsing the forums, I found the GitHub tracker and opened the request there.

To further simplify ruleset and alias definitions, it would be useful to be able to use Aliases within an Alias definition.

Consider the following simplified example. There's 2 Servers (Host_A and Host_B), that offer 3 Services. Host A offers Service_A, Host B offers Service_B, and they both offer Service_C. Right now, I would need to define 3 Aliases:

Host_A -> 10.10.10.10
Host_B -> 10.10.10.20
Hosts_AB -> 10.10.10.10, 10.10.10.20

Also, there's 3 rules for the  services

Rule Service_A uses the alias Host_A
Rule Service_B uses the alias Host_B
Rule Service_C uses the alias Hosts_AB

So far, so good. But what happens, if Host_A's IP address changes? With the current design, I'd have to check every alias and see if it contains Host_A's old IP address and change that, that would be 2 definitions to be changed in this overly simplified example (probably a few more in a production environment).

If I were able to use aliases within an alias definition, it would require only one change - the definition of Host_A. The Group definition would automatically be right again because it references the (now changed) definition of Host_A:

h_Host_A -> 10.10.10.10
h_Host_B -> 10.10.10.20
g_Group_AB -> h_Host_A, h_Host_B

Title: Re: Feature Request: Use Aliases within Aliases
Post by: guest16985 on December 19, 2017, 01:23:17 pm

This is already supported. Aliases within aliases is working fine for me in 17.7.10.

Title: Re: Feature Request: Use Aliases within Aliases
Post by: franco on December 19, 2017, 08:42:42 pm

I think this was pushed to GitHub later by DukeSniper and we discussed it there. There will be a small update to the GUI that mentions the capability of nesting for aliases.

I'm marking this solved. :)


Cheers,
Franco

Title: Re: [SOLVED] Feature Request: Use Aliases within Aliases
Post by: guest16985 on December 19, 2017, 11:51:19 pm

I will say, it could be better when configuring an alias within an alias. You have the know the exact name of the alias you're configuring, there's no popup or anything that shows the currently configured list like you see when you attach an alias to a firewall rule.

Title: Re: [SOLVED] Feature Request: Use Aliases within Aliases
Post by: franco on December 20, 2017, 06:50:11 am

That's true, maybe you could record a ticket here?

https://github.com/opnsense/core/issues


Thank you,
Franco