"Quote from: franco on August 01, 2023, 01:00:11 PM
Yup
# opnsense-patch b52bf63e9 0e1aa4bcca6
Cheers,
Franco
Thanks for the quick patch!
have a good one,
Vall
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
23.7 Legacy Series / Re: Upgradethread 23.1.11_1 to 23.7
August 01, 2023, 03:12:05 PMThanks for the quick patch!
have a good one,
Vall
#2
23.7 Legacy Series / Re: Upgradethread 23.1.11_1 to 23.7
August 01, 2023, 01:00:34 AM
I'm having an issue with firewall groups on 23.7:
Before I go down the road of reinstalling, and trying the config restore I wanted to reach out and see if anyone else was experiencing a similar issue first.
all the best,
Vall
Edit:
Hunch I saw looking at my pre-migration config, vs. my post-migration config:
Is it possible somewhere in the ui (like JavaScript somewhere that doesn't affect the workings of the backend) is still expecting space separated ifgroup members instead of comma separated ifgroup members?
This would explain why my single-member interface group shows up correctly (because it's the same in both representations)
i.e ifgroups version="1.0.0":
<members>opt4,opt1,lan</members>
23.1.11:
<members>opt4 opt1 lan</members>
ifgroup with single entry is still working because it has no separators, and would be valid in both i.e.:
ifgroups version="1.0.0":
<members>lan</members>
23.1.11:
<members>lan</members>
Just a hunch that was keeping me awake.
thanks again,
Vall
- I noticed in the changelog that it was mentioned that the groups system was re-written using the MVC framework. Thinking this *may* be related to that in some way
- The odd part, is that I have a group containing a single interface [wan] containing only floating rules that IS working, while my other two are not.
- This appears to be an issue on the UI side only because firewall rules from the groups are applying correctly, and in the correct order
- Interfaces are no longer grouping by firewall group under the interfaces menu in the UI, except for the WAN interface group
- The group interfaces are showing up correctly under the firewall menu, and have the correct rules from my config XML in them
- Within a group interface's individual firewall rules menu, previously the group rules were shown underneath the auto-generated rules. Now they are omitted entirely [yet are working correctly in the background] with the exception of the WAN interface group; hence, I have some interfaces that only inherit from groups that appear completely empty, with no indication that they inherit from an interface group.
- I've tried creating a new group to see if it would show up, as well but it was omitted entirely from the firewall menu
- I've tried restoring from my configuration XML backups
- Multiple reboots
- Considering reinstalling 23.7 fresh on my box, and restoring from config
Before I go down the road of reinstalling, and trying the config restore I wanted to reach out and see if anyone else was experiencing a similar issue first.
all the best,
Vall
Edit:
Hunch I saw looking at my pre-migration config, vs. my post-migration config:
Is it possible somewhere in the ui (like JavaScript somewhere that doesn't affect the workings of the backend) is still expecting space separated ifgroup members instead of comma separated ifgroup members?
This would explain why my single-member interface group shows up correctly (because it's the same in both representations)
i.e ifgroups version="1.0.0":
<members>opt4,opt1,lan</members>
23.1.11:
<members>opt4 opt1 lan</members>
ifgroup with single entry is still working because it has no separators, and would be valid in both i.e.:
ifgroups version="1.0.0":
<members>lan</members>
23.1.11:
<members>lan</members>
Just a hunch that was keeping me awake.
thanks again,
Vall
Pages1
