Firewall rule, source port range/destination port range cannot use aliases.



  • Hi guys,

    in version 1.2.3 , in the definition of firewall rules was possible to use the alias on source, source port range, destination, destination port range. I was surprised to see that in version 2.0 is no longer possible to use the alias on "source port range/destination port range " on firewall definition. Is this a bug or a feature change?

    Best Regards,

    Daniel


  • Rebel Alliance Developer Netgate

    It works for me, though you have to have a ports alias defined before anything will autocomplete from those fields.



  • Hi ,

    indeed, it is to be defined before, and it was. But where did I go wrong?
    I looked again and found the configuration, although I forgot I set the ports defined type ( instead of "port" type I left it default "host" ) .
    It's stupid what I did probably looking more careful I could not be wrong.
    But on the other hand pfSense should not let me save it in that form port (eg 443 or 80). I should have my attention that the ip is not formed properly not even save a host, as this format type (xxx instead of xx.xx.xx.xx). Try and see that you can.
    In those fields can enter anything and than save it . Syntax is not checked .
    Do not you think it is a problem!?

    Thank You !

    Best Regards.


  • Rebel Alliance Developer Netgate

    Selecting the wrong type is where you went wrong. Ports fields only complete port type aliases.

    The input validation may need some work, it's always fuzzy with aliases since there are many things that are valid depending on the type (IPs, ports, hostnames, other aliases, port ranges, URLs, etc)


Log in to reply