[solved] Firewall Rules - Existing Alias is not shown when edit a rule





  • Bug reported: https://redmine.pfsense.org/issues/5252

    For fix try: https://github.com/pfsense/pfsense/pull/1945

    When editing an existing rule that uses an alias, the rule type is set to "single host or alias" and the alias name is displayed.

    When creating a new rule, the src and dst are set to "any" by default.



  • I do seriously wonder about the whole state of the bootstrap code when it can get to the point of making ALPHA builds available to play with but nobody who was doing the coding and testing up to the ALPHA point has noticed such a core bug in the functionality. Editing a rule that has an alias specified in source or destination is something that happens every moment in a Firewall. It is not even a half-fringe use case.

    I will just say that I am (insert chosen superlative here) disappointed in the number of mistakes in the code change to bootstrap. I do not know how that all happened during the evolution of it in another repo, and I do not want to go apportioning blame to particular individuals who might have committed broken code over the history of bootstrap development for pfSense. That serves no useful purpose now, because it would only serve to embarrass people and thus deter them from future contributions. At the time there should have been a more effective review process where people could spot the accidental errors and corrections could have been made in a friendly team way.

    Now there is a whole heap of effort required to fix up all this - frustrating when upcoming 2.2.5 has (I believe) so few bugs. We are going to miss some of the introduced bugs in 2.3 and go through more point releases 2.3.1 2.3.2… to find them and fix them, along with user frustration from users who have a reliable working product in the 2.2.* release series.

    Please, please, please, slow down, look, think, review, and even (horrid thought for programmers) test it a bit yourself. Coding by banging random keys followed by ctrl-S is quick, but not effective or efficient in the long run.

    /end-of-rant



  • thanks phil  ;)



  • i think the reason they started running the public snapshot builder rather early, is to find these bugs (have users report them) and fix them.
    while i agree that it'll take a lot of time an effort to spot/fix all the "minor" issues:
    i also think that there is/was a lot going on in the backend that has had the core devs focussed on. webgui issue's can be fixed relatively easy when the backend/structure is sound.
    i've seen relatively little commits to the bootstrap code itself in recent times, but i've seen tons of commits to convert pages to use the bootstrap code. (and commits to fix previous commits).

    i figure it'll all work out in time. i do wonder how this massive effort fits in the "move-to-python' for 3.0 (https://blog.pfsense.org/?p=1588)


Log in to reply