Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
19.1 Legacy Series
»
Aliases API in 19.1
« previous
next »
Print
Pages: [
1
]
Author
Topic: Aliases API in 19.1 (Read 4451 times)
seized
Newbie
Posts: 13
Karma: 3
Aliases API in 19.1
«
on:
February 02, 2019, 01:47:05 am »
I have a fail2ban script setup that will add and remove IPs from a hosts alias. It was working with 18.7.9 but post upgrade to 19.1 it seems a bit strange. It seems like alias_util is overwriting the alias with a delay.
Adding IP works but the previous IPs seem to get deleted right after. It isnt my fail2ban script, I am running these manually for the below test.
root@cerberus:/home/admin # pfctl -t BANNED -Ts
1.0.1.4
Doing the add from another host:
curl -XPOST -d '{"address":"1.0.1.10"}' -H "Content-Type: application/json" -k -u "key":"secret"
https://cerberus/api/firewall/alias_util/add/BANNED
{"status":"done"}
Table updates correctly as expected:
root@cerberus:/home/admin # pfctl -t BANNED -Ts
1.0.1.4
1.0.1.10
Here I did not call the reconfigure part of the API yet, but now the table reverts to only one entry (the most recent one) within 30 seconds:
root@cerberus:/home/admin # pfctl -t BANNED -Ts
1.0.1.10
I tried host and network type aliases and its the same behavior. If I add through the UI then both entries stay. Adding a third through alias_util causes the earlier ones to be deleted.
I could be misunderstanding the API but since it worked in 18.7.9 I suspect this is a 19.1 bug?
Logged
seized
Newbie
Posts: 13
Karma: 3
Re: Aliases API in 19.1
«
Reply #1 on:
February 11, 2019, 04:53:20 am »
For anyone else that digs this up, this was fixed with a patch.
https://github.com/opnsense/core/issues/3214
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
19.1 Legacy Series
»
Aliases API in 19.1