Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Bug? User aliases defined as aliases and tables

    Scheduled Pinned Locked Moved Firewalling
    4 Posts 3 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rcarr
      last edited by

      It looks like user aliases are defined twice within rules.debug.  First, as aliases at the beginning of the file:

      User Aliases

      Apple = "{ 17.250.248.95 17.250.236.65 69.225.175.91 }"
      BcastAndMcast = "{ 248.0.0.0/5 255.0.0.0/8 }"

      Then later as tables

      User-defined aliases follow

      table <bcastandmcast>{  248.0.0.0/5 255.0.0.0/8 }
      table <apple>{  17.250.248.95 17.250.236.65 69.225.175.91 }

      Within rules, the tables are used rather than the aliases:

      block in quick on $wan from <bcastandmcast>to any  label "USER_RULE: Block suspicious bcasts and mcasts"

      Is this a bug that these User defined values are defined twice, in two different ways?  Or am I missing something?</bcastandmcast></apple></bcastandmcast>

      1 Reply Last reply Reply Quote 0
      • S
        sullrich
        last edited by

        Not a bug really.  Just cosmetic.  Patches accepted to fix.

        1 Reply Last reply Reply Quote 0
        • H
          hoba
          last edited by

          I don't think this is a bug. It was required for some special kind of aliases/special condition (not sure anymore) but the table-definition has been added to handle this (I think it was related to portsaliases).

          1 Reply Last reply Reply Quote 0
          • S
            sullrich
            last edited by

            In addition we load the ruleset with pfctl -o which optimizes the ruleset and removes duplicates.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.