• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Filter.inc error to build route-to gateway on rules

Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
9 Posts 4 Posters 3.5k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D
    DeepKnowledge
    last edited by Feb 11, 2009, 6:39 PM

    Hi,

    For me the line 1317 of filter.inc of pfsense 2009 Feb 08 01:49:12 it is bad.
    It put the pfsense's interface name into the pf rule.

    A better code is:
    $int = get_real_interface($GatewaysList[$gateway]['interface']);

    The gatewayGroup on rules is bad too.

    Fix it!
    Thanks

    1 Reply Last reply Reply Quote 0
    • S
      sullrich
      last edited by Feb 14, 2009, 9:50 PM

      Should be fixed in next snapshot.  Thanks

      1 Reply Last reply Reply Quote 0
      • N
        nocer
        last edited by Feb 15, 2009, 4:10 AM

        Hello,

        @sullrich:

        Should be fixed in next snapshot.  Thanks

        Same here, and waiting for next snap, however, snap server again doesn't seems to be working. I don't know how much about snap server but it's been something different than it used to be.

        So, when is the next snap available? I know your tell me it's available when it's ready, but it's not the point.

        cheers,

        1 Reply Last reply Reply Quote 0
        • D
          DeepKnowledge
          last edited by Feb 19, 2009, 10:53 AM

          I upgrade to

          2.0-ALPHA-ALPHA
          built on Wed Feb 18 19:10:34 EST 2009
          FreeBSD 7.1-RELEASE-p2

          but it is not fixed.

          1 Reply Last reply Reply Quote 0
          • E
            eri--
            last edited by Feb 19, 2009, 11:12 PM

            The error please.

            1 Reply Last reply Reply Quote 0
            • D
              DeepKnowledge
              last edited by Feb 20, 2009, 8:34 AM

              Filter.inc build this route-to pf rule:
              pass …. route-to ( wan ip.ip.ip.ip ) ...

              with this pf doesn't work.

              I changed the filter.inc's sintax so the pf's rule becomes:
              pass .... route-to ( re3 ip.ip.ip.ip ) ...

              and then pf work.

              my filter.inc code is this
              /* if user has selected a custom gateway, lets work with it /
              else if($rule['gateway'] <> "") {
              $routeto = " route-to { ";
              $gateway = $rule['gateway'];
              update_filter_reload_status("Creating gateway group item…");
              if(is_array($GatewayGroupsList[$gateway])) {
              /
              $gateway = $rule['gateway']; /
              $members = $GatewayGroupsList[$gateway];
              $member_count = count($members);
              foreach($members as $member) {
              $int = get_real_interface($member['int']);
              $gatewayip = $member['gwip'];
              if (($int <> "") && is_ipaddr($gatewayip)) {
              if($g['debug'])
              log_error("Setting up route with {$gatewayip} om $int");
              if($foundlb == 1)
              $routeto .= ", ";
              $routeto .= "( {$int} {$gatewayip} ) ";
              $foundlb = 1;
              } else {
              log_error("An error occurred while trying to find the interface got $gatewayip .  The rule has not been added.");
              }
              }
              /
              If we want failover just use route-to else round-robin /
              if($member_count == 1) {
              $routeto .= "} ";
              } else {
              $routeto .= "} round-robin ";
              if(isset($config['system']['lb_use_sticky']))
              $routeto .= " sticky-address ";
              }
              /
              Add the load balanced gateways /
              if ($foundlb == 1) {
              $aline['route'] = $routeto;
              }
              }
              /
              we're not using load balancing, just setup gateway /
              if($foundlb == 0) {
              /
              $gateway = $rule['gateway']; */
              if(!is_ipaddr($gateway)) {
              $gwip = $GatewaysList[$gateway]['gateway'];
              if ($GatewaysList[$gateway]['interface'])
              $int = get_real_interface($GatewaysList[$gateway]['interface']);
              else
              $int = "";
              } else {
              $gwip = $gateway;
              $int = guess_interface_from_ip($gateway);
              }
              if ((is_ipaddr($gwip)) && ($int <> "")) {
              $aline['route'] = " route-to ( {$int} {$gwip} ) ";
              } else {
              log_error("Could not find gateway ({$gateway}) for rule {$rule['descr']} - {$rule['interface']}.");
              }
              }
              }

              1 Reply Last reply Reply Quote 0
              • E
                eri--
                last edited by Feb 28, 2009, 11:45 PM

                Can you retry with the newest snapshots again?

                1 Reply Last reply Reply Quote 0
                • D
                  DeepKnowledge
                  last edited by Mar 10, 2009, 9:06 AM

                  2.0-ALPHA-ALPHA
                  built on Mon Mar 9 15:36:02 EDT 2009
                  FreeBSD 7.1-RELEASE-p3

                  Not work.

                  The gateway route-to into the rules.debug is wrong.

                  I am quite disappointed.

                  1 Reply Last reply Reply Quote 0
                  • E
                    eri--
                    last edited by Mar 10, 2009, 8:47 PM

                    Well since the hackathon is in place -> hackathon.pfsense.org it will be reviewed and i think next week it should be functional.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                      [[user:consent.lead]]
                      [[user:consent.not_received]]