Messages - Polynikes

#1
Well, I consulted ChatGPT and it suggested that I reset the states table (Firewall -> Diagnostics -> states -> "actions" tab -> reset state table).

Waited a while and the new table shows everything correctly. So it was some sort of mismatch of states to rule labels, even though I think the rules were functioning correctly.

I'll leave this here in case anyone else has this issue.
#2
I am having the same issue... firewall rules seem to be working correctly however the listed rule under states and sessions is completely unrelated. Note that the listed rule under live firewall is correct. There are NUMEROUS of these that are incorrect. The printer one just stands out because I have that super locked down.

Example session:

Direction: in
Protocol: TCP
Source: 192.168.30.13:39108
Gateway: Blank
Destination: 104.154.127.247:4070
State: Established:Established
Age: 198753 (sec)
Expires: 86396 (sec)
Pkts: (24.73 KB)
Bytes: 2.16 MB
Rule: Allow to printer

Allow to printer rule:

    <rule uuid="87c85b75-c5c4-4392-9480-1280518a8978">
      <type>pass</type>
      <interface>opt4,opt3,opt5,opt1,opt9</interface>
      <ipprotocol>inet</ipprotocol>
      <statetype>keep state</statetype>
      <descr>Allow to printer</descr>
      <direction>in</direction>
      <category>Printer</category>
      <floating>yes</floating>
      <quick>1</quick>
      <protocol>udp</protocol>
      <source>
        <address>MattPhone,MattDesktop,BrittanyPhone,BrittanyDesktop,BrittanyLaptop,opt1,opt9</address>
      </source>
      <destination>
        <address>Printer</address>
        <port>137</port>
      </destination>
      <updated>
        <username>root@192.168.5.140</username>
        <time>1742339249.5835</time>
        <description>/firewall_rules_edit.php made changes</description>
      </updated>
      <created>
        <username>root@192.168.5.140</username>
        <time>1742339183.5002</time>
        <description>/firewall_rules_edit.php made changes</description>
      </created>
    </rule>

Relevant Aliases:

Printer = 192.168.110.23

          <alias uuid="11725dcf-9635-4060-a57c-6eb581d43875">
            <enabled>1</enabled>
            <name>MattPhone</name>
            <type>host</type>
            <path_expression/>
            <proto/>
            <interface/>
            <counters>0</counters>
            <updatefreq/>
            <content>192.168.30.90</content>
            <password/>
            <username/>
            <authtype/>
            <categories/>
            <description>Matt Phone</description>
          </alias>
          <alias uuid="ab716668-ff02-43df-9924-5c2b4111e988">
            <enabled>1</enabled>
            <name>MattDesktop</name>
            <type>host</type>
            <path_expression/>
            <proto/>
            <interface/>
            <counters>0</counters>
            <updatefreq/>
            <content>192.168.5.140</content>
            <password/>
            <username/>
            <authtype/>
            <categories/>
            <description>Matt Desktop</description>
          </alias>
          <alias uuid="b6a10649-6875-4c3a-9212-e665e6be1a6c">
            <enabled>1</enabled>
            <name>BrittanyPhone</name>
            <type>host</type>
            <path_expression/>
            <proto/>
            <interface/>
            <counters>0</counters>
            <updatefreq/>
            <content>192.168.30.92</content>
            <password/>
            <username/>
            <authtype/>
            <categories/>
            <description>Brittany Phone</description>
          </alias>
          <alias uuid="3c7d5f60-e154-436f-a51a-c6853d01e446">
            <enabled>1</enabled>
            <name>BrittanyDesktop</name>
            <type>host</type>
            <path_expression/>
            <proto/>
            <interface/>
            <counters>0</counters>
            <updatefreq/>
            <content>192.168.40.10</content>
            <password/>
            <username/>
            <authtype/>
            <categories/>
            <description>Brittany Desktop</description>
          </alias>
          <alias uuid="1ae15403-2b03-4119-9ded-70bb007d7530">
            <enabled>1</enabled>
            <name>BrittanyLaptop</name>
            <type>host</type>
            <path_expression/>
            <proto/>
            <interface/>
            <counters>0</counters>
            <updatefreq/>
            <content>192.168.30.91</content>
            <password/>
            <username/>
            <authtype/>
            <categories/>
            <description>Brittany Laptop</description>
          </alias>

OPT1 is a wireguard interface for my phone on the 192.168.60.0/24 subnet.
OPT9 is a wireguard interface for my wife's phone on the 192.168.100.0/24 subnet.

Hope to get this figured out, seems like a number of people are experiencing this bug.

Edit: When I go to live firewall log and filter for "label: printer" I get only two matches, both of which are correct (from Matt Desktop to the printer).

This seems like a bug where it is misassociating rules.

Thanks
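
A way to confirm from a config export that the rule shown beside a state cannot be the rule that created it, as an added example that is not part of the original posts or the firewall's own code. The XML is reduced from the rule and aliases quoted above; the Printer alias element and the `mismatches` helper are constructed for illustration, each alias is assumed to hold a single host, and interface and direction are not checked.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Reduced from the rule and aliases quoted in the post; the Printer <alias>
# element is constructed from the post's "Printer = 192.168.110.23" line.
CONFIG = """<cfg>
<rule><descr>Allow to printer</descr><protocol>udp</protocol>
 <source><address>MattPhone,MattDesktop,BrittanyPhone,BrittanyDesktop,BrittanyLaptop,opt1,opt9</address></source>
 <destination><address>Printer</address><port>137</port></destination></rule>
<alias><name>MattPhone</name><content>192.168.30.90</content></alias>
<alias><name>MattDesktop</name><content>192.168.5.140</content></alias>
<alias><name>BrittanyPhone</name><content>192.168.30.92</content></alias>
<alias><name>BrittanyDesktop</name><content>192.168.40.10</content></alias>
<alias><name>BrittanyLaptop</name><content>192.168.30.91</content></alias>
<alias><name>Printer</name><content>192.168.110.23</content></alias>
</cfg>"""
# WireGuard interface subnets as stated in the post.
IFACE_NETS = {"opt1": "192.168.60.0/24", "opt9": "192.168.100.0/24"}

def load(xml_text):
    # Return the rule element and a name -> address/network map.
    root = ET.fromstring(xml_text)
    names = {a.findtext("name"): a.findtext("content") for a in root.iter("alias")}
    names.update(IFACE_NETS)
    return root.find("rule"), names

def in_set(ip, name_list, names):
    """True if ip falls inside any alias or interface network in name_list."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(names[n], strict=False)
               for n in name_list.split(","))

def mismatches(rule, names, state):
    """Reasons this rule cannot have created the state; empty list = plausible."""
    why = []
    if rule.findtext("protocol").lower() != state["proto"].lower():
        why.append("protocol")
    if not in_set(state["src"], rule.findtext("source/address"), names):
        why.append("source")
    if not in_set(state["dst"], rule.findtext("destination/address"), names):
        why.append("destination")
    if int(rule.findtext("destination/port")) != state["dport"]:
        why.append("port")
    return why

RULE, NAMES = load(CONFIG)
# The session from the post, and a constructed state the rule would allow.
POSTED = {"proto": "TCP", "src": "192.168.30.13", "dst": "104.154.127.247", "dport": 4070}
ALLOWED = {"proto": "udp", "src": "192.168.5.140", "dst": "192.168.110.23", "dport": 137}
print(mismatches(RULE, NAMES, POSTED), mismatches(RULE, NAMES, ALLOWED))
```

A non-empty result for a state means the label displayed next to it is not evidence of which rule admitted the traffic, so the permitting rule has to be identified another way, such as the live log filter mentioned in the edit above.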