Rule disappears when multiple admins edit rules and separators
-
Hello together
this is my first post here.
I noticed the following:
When admin a creates a rule at the top in admin a Browser
then admin b creates a separator at the bottom, then admin b presses save in admin b Browser
Then the bottom rule disappears.I have attached the following pictures:
Initial position (Before change) -> initial
Admin a creates a rule -> new_rule
admin b creates a separator -> new_separator
admin b presses save -> presses_savetested versions:
2.4.5
2.6.0reproduced on hardware supermirco (production) and Hyper V (testing purposes)
Is this a bug? Or do you know this issue?
Initial:
new_rule:
new_separator:
presses_save:
-
In addition, it can also be reproduced only with one admin, who works with different browsers / session
And also important, if admin a in the example create 3 new rules, all three rules from initial config will be replaced
-
Prereqs
Admin A logs in to Firewall
Admin B logs in to same FirewallIntention
Admin A would like to create a firewall rule
Admin B would like to create a separatorIssue
If the two admins execute the changes at the same time, under certain conditions existing firewall rules will be deleted!Steps to reproduce
- Admin A creates one additional firewall rule. (Admin A does NOT yet click on apply.) The rule is now visible at the top of the list.
- Admin B creates one separator. The separator is now visible at the bottom of the list.
- Admin B clicks "save" on his separator.
- Result: The firewall rule in the bottom position is deleted and is replaced by the new firewall rule.
-
Try changing the value to 1 otherwise implement a change management regime.
You're asking for trouble IMO with two people doing changes at the same time.
-
@nogbadthebad thanks for your reply. (I work with @emasi on the project.) We are aware that the scenario is not ideal and we have already taken the necessary precautions (change management) so we don't trigger the issue anymore.
The fact remains that this issue is easily triggered. We have tested many scenarios. The conflict handling when creating rules alone is pretty neat really. But as soon as we add separators to the scenarios not only the new changes are conflicting - but the actions delete existing firewall rules. And that's dangerous, worth to mention and worth to fix. (At least we think it is.)
So we are following the pfSense bug report guide and are documenting our observations here to discuss first. Maybe you folks can confirm this is an issue so we can report it to pfSense Redmine. (We have never done that, so sorry if our procedure seems a bit wonky:)