Bug: Floating "Match" rules are showing as "Pass" in the overview
-
Hi All,
All my floating rules are "Match" rules but they are showing as "Pass" in the GUI overview (see screenshot).
I had a strange behavior where traffic was allowed that shouldn't be and I found out I accidentally set a floating rule to "pass" instead of "match" and there is no way to see the difference when I view the floating rules tab.Unless this is something wrong limited to my pfSense box (I don't expect that) I consider this as a severe bug. In my opinion a ruleset is the most important part of a firewall and should be correctly showing what is going on.
Thanks,
Mike
-
That's normal; Match does not yet have its own icon.
-
Thanks, I noticed that - that's why I created that post.
"Match" and "pass" is something completely different. Showing it with the same icon is not a good idea. Is it something that can be fixed directly in PHP? Or would that require some to compile some code?
-
More graphic design than anything. There is no icon of another color to use. So someone will have to come up with a new color/icon style to indicate "match" and then add some code to use it on the rules in the PHP page that renders the floating rules.
-
Thank you!
That was a pretty simple change. Results and icons below. Now "match" rules are no longer shown as "pass". They now have their own icons.I use the theme pfsense_ng.
For those who want to add the functionality these are the simple changes I have done (keep in mind that any updates will likely destroy the functionality and revert back to "match" and "pass" rules both showing as "pass"):1. copy icon_match.gif and icon_match_d.gif to /usr/local/www/themes/pfsense_ng/images/icons
2. Edit /usr/local/www/firewall_rules.php and change the following lines:
Around line 570 add the two lines marked in red:
if ($filterent['type'] == "block")
$iconfn = "block";
else if ($filterent['type'] == "reject")
$iconfn = "reject";
else if ($filterent['type'] == "match")
$iconfn = "match";
else
$iconfn = "pass";Around lines 840 add and change the following lines:
-
Good work!
-
Good work!
Thank you! :)
Btw, I forgot to mention something. Not sure how copyrights for simple things like icons are treated here and as I am very careful to not violate any copyrights from someone else:
The two icons are created by myself and they are free to use/distribute/modify/whatever. No copyrights or any other restrictions.
-
You should submit that as a pull request on github. :)
-
You should submit that as a pull request on github. :)
I would… but I have no clue how to do that. I'm even struggling to download sources from Github so certainly I have no idea how to submit a pull request. :'(
-
Pull request #1154
https://github.com/pfsense/pfsense/pull/1154
-
-
Thank you!
That was a pretty simple change. Results and icons below. Now "match" rules are no longer shown as "pass". They now have their own icons….AWESOME JOB MAN!!!!
