Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Firewall Alias import bug after upgrade to 23.05-RELEASE (amd64)

    Scheduled Pinned Locked Moved
    General pfSense Questions
    5
    6
    1.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      danielbaird
      last edited by

      after upgrading to 23.05 (activated as pfSense plus) I encountered a bug in the Firewall Alias import feature.

      navigating Firewall / Aliases / IP
      then clicking Import brings up the form
      I enter an alias name (that is checked to be valid e.g. NET_Google)
      then paste in a set of IP subnets e.g.
      34.116.0.0/14
      142.250.66.0/24
      172.217.24.0/24
      142.250.0.0/16
      then save, and it instantly shows a PHP error. SSH to the device shows the error above the menu. reboot fails to load the config
      connect to serial console, drop to shell and copy over the last known good config backup over the top of config.xml, then reboot, and its back to normal.

      i'm hesitant to try this again on a prod system. i can try to replicate on a test device later if i have time

      1 Reply Last reply Reply Quote 1
      • jimpJ jimp moved this topic from Problems Installing or Upgrading pfSense Software on
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        I can reproduce that here on a completely fresh install. Which is odd since there was a different bug there in 23.01 that we fixed and multiple people tested it after that, and it had been working.

        I created a new issue to address this:

        https://redmine.pfsense.org/issues/14412

        Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 2
        • jimpJ
          jimp Rebel Alliance Developer Netgate
          last edited by jimp

          I committed a fix for this: https://github.com/pfsense/pfsense/commit/217f42ec30a4008907ac6fbb65b7b2e0ebf51eb9

          You can install the System Patches package and then create an entry for 217f42ec30a4008907ac6fbb65b7b2e0ebf51eb9 to apply the fix.

          To recover, however, you would need to edit the configuration (8 from the console, then viconfig, then remove the broken <aliases> section. Then you can use the config history function to restore a previous config with your aliases from before the import attempt.

          Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          T Bob.DigB 2 Replies Last reply Reply Quote 5
          • S SteveITS referenced this topic on
          • T tman222 referenced this topic on
          • T
            troysjanda @jimp
            last edited by

            @jimp should this be applied right away?

            Dell Poweredge r210 II, Intel(R) Xeon(R) CPU E31240 @ 3.30GHz RAM: 16GB
            Dell Enterprise HHD x1 500gb (ZFS)
            Pfsense: 2.7.1(amd64)
            Installed Pkg's: Cron, System_Patches.

            S 1 Reply Last reply Reply Quote 0
            • S
              SteveITS Rebel Alliance @troysjanda
              last edited by

              @troysjanda If you don't use the import feature on the alias page (I never have) then it doesn't really matter. You can apply if you want to.

              Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
              When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
              Upvote ๐Ÿ‘ helpful posts!

              1 Reply Last reply Reply Quote 2
              • Bob.DigB
                Bob.Dig LAYER 8 @jimp
                last edited by

                @jimp said in Firewall Alias import bug after upgrade to 23.05-RELEASE (amd64):

                I committed a fix for this: https://github.com/pfsense/pfsense/commit/217f42ec30a4008907ac6fbb65b7b2e0ebf51eb9

                That is a nasty bug. Never thought I would use vim one day.

                1 Reply Last reply Reply Quote 0
                • bmeeksB bmeeks referenced this topic on
                • G Gektor referenced this topic on
                • S SteveITS referenced this topic on
                • S SteveITS referenced this topic on
                • B bfeitell referenced this topic on
                • Bob.DigB Bob.Dig referenced this topic on
                • bmeeksB bmeeks referenced this topic on
                • K KB8DOA referenced this topic on
                • First post
                  Last post