Messages

OK I've found the "bug" with aliases (hosts) not working.
In my case I've a alias list with hosts they are used from MS for data collection.
One of them can't be resolved anymore so this entry should be skipped (in my opinion), but in that case it ended up with an error -> table generation (all) will be aborted -> aliases in that case will not work.

One deceased entry in an alias list is enough to stop the whole table generation  :o
This behavior should be changed to skip such entries.

After the update to 18.1.1 "IDS rule update problem" seems to be solved.
Unfortunately Alias problem still exist - aliases aren't working e.g. hosts  :(
Same outputs as posted before...

Under Firewall: Settings: Advanced, is " Verify HTTPS certificates when downloading alias URLs" checked or unchecked? Are you using a proxy server in your network doing HTTPS MITM?

In my Situation also:
Setting is unchecked and I'm not using a proxy server who intercepts https..

Maybe we should separate "not working" into two categories:

(a) Firewall: Diagnostics: pfTables -- alias empty
(b) generally not working in NAT or firewall rule

Then also check (b) under Firewall: Diagnostics: pfInfo (Rules) whether these non-working rules actually see traffic


Thanks,
Franco

For me (Alias problem):
(a) Firewall: Diagnostics: pfTables -- alias empty

# configctl filter refresh_aliases
Still empty

# rm /var/db/aliastables/EBL*
# configctl filter refresh_aliases
Still empty
Output: Error (1)

Strange Output now files and Aliases are missing:

root@*****:~ # ls -lah /var/db/aliastables/
total 12
drwxr-x---   2 root  wheel   512B Feb  2 10:29 .
drwxr-xr-x  18 root  wheel   1.0K Feb  2 08:36 ..
-rw-r-----   1 root  wheel   257B Feb  2 10:29 EBL.self.txt

Hopefully 18.1.1 will fix the Alias problem.
18.1 breaks a lot of things for me; All Aliases not working, NAT-Patch not working, IPS Rule Updates not working...