Messages - Marius Rieder

#1
I had an interface set, so the rule was not shown in the list of floating rules. So clearly the problem was the user. The new automation rule list never shows you all rules, only the floating, group or interface rules. I like the possibility to look at and search all rules at once. But otherwise the new interface is very nice.

 - Marius
#2
I created some rules using the API (with the Ansible module) and am a bit perplexed that these rules do not show up in the UI. I created a second rule in the UI. This one shows up. The search API (/api/firewall/filter/search_rule) only returns the rule I created in the UI, unless show_all=true is set. However, in /api/firewall/filter/get the Ansible-created rule shows up, and in "pfctl -v -s rule" too.

In the config both rules seem to look fine. Any ideas where to investigate further?

 - Marius


<Filter version="1.0.4">
<rules>
<rule uuid="b5ed14b9-54e9-4935-8de3-14f6aaa91715">
<enabled>1</enabled>
<statetype>keep</statetype>
<state-policy/>
<sequence>100</sequence>
<action>pass</action>
<quick>1</quick>
<interfacenot>0</interfacenot>
<interface/>
<direction>in</direction>
<ipprotocol>inet</ipprotocol>
<protocol>TCP/UDP</protocol>
<source_net>any</source_net>
<source_not>0</source_not>
<source_port/>
<destination_net>any</destination_net>
<destination_not>0</destination_not>
<destination_port/>
<gateway/>
<replyto/>
<disablereplyto>0</disablereplyto>
<log>0</log>
<allowopts>0</allowopts>
<nosync>0</nosync>
<nopfsync>0</nopfsync>
<statetimeout/>
<max-src-nodes/>
<max-src-states/>
<max-src-conn/>
<max/>
<max-src-conn-rate/>
<max-src-conn-rates/>
<overload/>
<adaptivestart/>
<adaptiveend/>
<prio/>
<set-prio/>
<set-prio-low/>
<tag/>
<tagged/>
<tcpflags1/>
<tcpflags2/>
<categories/>
<sched/>
<tos/>
<shaper1/>
<shaper2/>
<description>test</description>
</rule>
<rule uuid="894a4527-ea77-4c98-988a-5a75afc9a387">
<enabled>1</enabled>
<statetype>keep</statetype>
<state-policy/>
<sequence>101</sequence>
<action>pass</action>
<quick>1</quick>
<interfacenot>0</interfacenot>
<interface>lan</interface>
<direction>in</direction>
<ipprotocol>inet</ipprotocol>
<protocol>TCP</protocol>
<source_net>192.168.0.0/24</source_net>
<source_not>0</source_not>
<source_port/>
<destination_net>192.168.1.0/24</destination_net>
<destination_not>0</destination_not>
<destination_port>443</destination_port>
<gateway/>
<replyto/>
<disablereplyto>0</disablereplyto>
<log>1</log>
<allowopts>0</allowopts>
<nosync>0</nosync>
<nopfsync>0</nopfsync>
<statetimeout/>
<max-src-nodes/>
<max-src-states/>
<max-src-conn/>
<max/>
<max-src-conn-rate/>
<max-src-conn-rates/>
<overload/>
<adaptivestart/>
<adaptiveend/>
<prio/>
<set-prio/>
<set-prio-low/>
<tag/>
<tagged/>
<tcpflags1/>
<tcpflags2/>
<categories/>
<sched/>
<tos/>
<shaper1/>
<shaper2/>
<description>ANSIBLE_TEST_1_1</description>
</rule>
</rules>
<snatrules/>
<npt/>
<onetoone/>
</Filter>
</Firewall>
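
Added example, not part of the original posts and not OPNsense code: a small Python audit that reads a `<Filter>` fragment like the one above and lists every rule grouped by the view it falls under, so a rule bound to an interface is not overlooked when only one list is on screen. The grouping (an empty `<interface/>` counts as floating) is an assumption drawn from the two posts, and the embedded sample is a trimmed copy of the posted config.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the two rules from the post, trimmed to the fields used here.
SAMPLE = """<Filter version="1.0.4"><rules>
<rule uuid="b5ed14b9-54e9-4935-8de3-14f6aaa91715">
  <enabled>1</enabled><sequence>100</sequence><action>pass</action>
  <interface/><source_net>any</source_net>
  <destination_net>any</destination_net><destination_port/>
  <description>test</description>
</rule>
<rule uuid="894a4527-ea77-4c98-988a-5a75afc9a387">
  <enabled>1</enabled><sequence>101</sequence><action>pass</action>
  <interface>lan</interface><source_net>192.168.0.0/24</source_net>
  <destination_net>192.168.1.0/24</destination_net>
  <destination_port>443</destination_port>
  <description>ANSIBLE_TEST_1_1</description>
</rule>
</rules></Filter>"""


def field(rule, tag):
    """Text of a child element; empty or missing elements give ''."""
    return (rule.findtext(tag) or "").strip()


def audit_rules(xml_text):
    """Group every rule by view name and flag enabled any-to-any pass rules."""
    views = {}
    for rule in ET.fromstring(xml_text).iter("rule"):
        # Assumption from the posts: no interface means the floating list.
        view = field(rule, "interface") or "floating"
        broad = (field(rule, "enabled") == "1"
                 and field(rule, "action") == "pass"
                 and field(rule, "source_net") == "any"
                 and field(rule, "destination_net") == "any"
                 and not field(rule, "destination_port"))
        views.setdefault(view, []).append({
            "uuid": rule.get("uuid"),
            "sequence": int(field(rule, "sequence") or 0),
            "description": field(rule, "description"),
            "broad_pass": broad,
        })
    for entries in views.values():
        entries.sort(key=lambda e: e["sequence"])
    return views


if __name__ == "__main__":
    for view, entries in sorted(audit_rules(SAMPLE).items()):
        for e in entries:
            note = "  <-- any-to-any pass" if e["broad_pass"] else ""
            print(f"{view:10} {e['sequence']:4} {e['description']}{note}")
```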