Messages - EndiRabbit

#1
Quote from: Monviech (Cedrik) on Today at 04:02:25 PM
If you think this is a bug, it would be great if you open an issue on github with simple steps to reproduce. Thank you :)

https://github.com/opnsense/core/issues

That was my next step ^^. Updated here: https://github.com/opnsense/core/issues/9680
#2
OK - I can verify this is a bug because I tested this on my live network during a planned network maintenance window. Unfortunately, all network access went down when doing the FW group renaming in the same way I did this in the test environment on real hardware. I would not recommend changing a FW group name until this is resolved.
#3
Hi,

I primarily use groups for setting policies for my configuration. In a test config running in Proxmox this morning, I tried to go back and sanitize some FW group names, changing three of them from

  • all_internal SEQ 11
  • priv_internal SEQ 9
  • iot_internal SEQ 9

to

  • GRP_all_int SEQ 11
  • GRP_priv_int SEQ 9
  • GRP_iot_int SEQ 9

After changing them in the test network and clicking [APPLY] (in the web GUI), access to the Internet went down (defined in rules in GRP_all_int). For reference, the GRP_all_int has general network rules to the Internet, and GRP_priv_int and GRP_iot_int have internal rules that are specific to the VLANs for the interfaces that make up each group. Then each interface has interface-specific FW rules and a final rule to block all other undefined network traffic as a catch-all.

I rebooted and reloaded the web admin interface, but no joy - couldn't access google.com. Traffic was hitting the catch-all rule. Not until I rolled back the names in the GUI and clicked [APPLY] was Internet access restored. Has anyone else encountered this issue by changing FW group names in the web GUI?