Bug? User aliases defined as aliases and tables
-
It looks like user aliases are defined twice within rules.debug. First, as aliases at the beginning of the file:
User Aliases
Apple = "{ 17.250.248.95 17.250.236.65 69.225.175.91 }"
BcastAndMcast = "{ 248.0.0.0/5 255.0.0.0/8 }"Then later as tables
User-defined aliases follow
table <bcastandmcast>{ 248.0.0.0/5 255.0.0.0/8 }
table <apple>{ 17.250.248.95 17.250.236.65 69.225.175.91 }Within rules, the tables are used rather than the aliases:
block in quick on $wan from <bcastandmcast>to any label "USER_RULE: Block suspicious bcasts and mcasts"
Is this a bug that these User defined values are defined twice, in two different ways? Or am I missing something?</bcastandmcast></apple></bcastandmcast>
-
Not a bug really. Just cosmetic. Patches accepted to fix.
-
I don't think this is a bug. It was required for some special kind of aliases/special condition (not sure anymore) but the table-definition has been added to handle this (I think it was related to portsaliases).
-
In addition we load the ruleset with pfctl -o which optimizes the ruleset and removes duplicates.