System: Gateways: Group not working well

Started by jimmy shao, January 30, 2016, 06:34:03 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
January 30, 2016, 06:34:03 PM Last Edit: January 30, 2016, 07:46:04 PM by cnjimmyshao
(System: Gateways: Group) setting is not working well:

  • 2 gateway groups added, only 1 groups show up in the drop down list of Gateway selection in (Firewall: Rules)
  • if select any group in the firewall rules will make the firewall failed and not able to get online even delete the rule.
there must be some bug, please check it, thanks!
February 02, 2016, 08:31:19 AM #1
Hi there, which version are you using? We checked, but couldn't reproduce so far.
February 03, 2016, 12:51:13 PM #2 Last Edit: February 04, 2016, 06:48:14 AM by franco
Hi, Franco:

Thanks for the reply.

On the last post, it happens with Below version:
Code Select
OPNsense 16.1-amd64
FreeBSD 10.2-RELEASE-p11
OpenSSL 1.0.2e 3 Dec 2015

Today, the system upgraded to
Code Select
OPNsense 16.1.1-amd64
FreeBSD 10.2-RELEASE-p11
OpenSSL 1.0.2f 28 Jan 2016
the problem still exist.

I made some screen shot and Configuration backup file for your reference.
February 04, 2016, 08:12:02 AM #3
It looks like your gateways are being deselected on grounds of not having them set up properly (disabled interfaces or being marked as inactive because an interface may be missing). Please double-check your missing gateways setup.

However, I've added a patch that makes all gateways show up in the rules edit page, that should fix your visibility issue and makes all gateways selectable, but your setup may still be off. You can import the fix from the console:

# cd /usr/local/www
# fetch https://raw.githubusercontent.com/opnsense/core/2db592b/src/www/firewall_rules_edit.php

If you can confirm that this works for you I will add this to 16.1.2.
February 07, 2016, 04:30:20 AM #4
yes, follow by your instruction, new interface shows up in the drop down list, make the screen capture as attachment.

i will check out the interface setting later, and feed back to you.
February 07, 2016, 04:53:48 AM #5
Hi, Franco

I double checked all the interfaces, seems all are working well.

So, I made a test:

Create the 5th gateways group which has the exactly same setting as the 1th gateways group, an already existing and well function one, here comes the scenario:

Before create the new gateways group:


  • There are total 4 gateways groups, 3 gateways groups shows up in the drop down list of firewall rule setting.

  • the 4th one is missing, according to the last post, it may cause by some interface issue.
After create the new gateways group:


  • There are total 5 gateways groups, 4 gateways groups shows up in the drop down list of firewall rule setting.
  • the 5th one, also the new add one is missing. which suppose show be a well function one as the 1th gateways group

so, I think it was not revelation with interface setting issue?
February 15, 2016, 07:59:09 AM #6
The question is do all of these gateways work with the fix? :)
February 16, 2016, 03:59:05 AM #7
Unfortunately, no.
After patch the fix, still, the latest added gateway group could not show up properly.  :-\
September 16, 2016, 02:12:44 PM #8
Hi Franco,

problem still exists in 16.7.3

Best wishes,
Boris
September 19, 2016, 07:44:39 AM #9
I can't seem to reproduce this. I add a gateway group, it gets added in the firewall rule drop down. I add another one, it gets added to the dropdown, too.

I've asked Boris for box access. These issues are trivial to fix, but we need the exact conditions to reproduce or the actual box where this happens in order to go forward.

There is a small GUI issue where the last entry of a drop-down is truncated a bit, but the typeahead still works and looking at the attached screenshot it's still possible to select the last gateway. (Just in case this is the reported issue, which is annoying but not a high-priority item.)


Cheers,
Franco
Print
Go Up Pages1
User actions