Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPSEC GUI issue?

    Scheduled Pinned Locked Moved 2.3-RC Snapshot Feedback and Issues - ARCHIVED
    3 Posts 2 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      Tantamount
      last edited by

      Steps to reproduce:
      Enable IPSEC, Apply Changes.
      Firewall->Rules
      ipsec category available.

      Disable IPSEC, DON'T APPLY CHANGES
      Firewall->Rules
      ipsec category is missing.

      Bug or by design?

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        All that sort of thing is a consequence of the workflow-design of save followed by apply.
        Save writes the changes to the config stored on permanent media (disk SSD…).
        At that point the stored config and the running system are 2 different things.
        Subsequent viewing and editing of configuration is based on the current config (not on the running system), so something like Firewall Rules will see that IPsec is disabled (in the config) and do its logic accordingly.
        There is nothing in the GUI code that tries to reverse-engineer whatever happens to be the config of the running system and let you edit that - all you can do with the running system is view its state via the various options in the Status menu.

        After pressing apply, the running system "catches up" with the saved config.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • T
          Tantamount
          last edited by

          @phil.davis:

          There is nothing in the GUI code that tries to reverse-engineer whatever happens to be the config of the running system and let you edit that

          I don't think reverse-engineering is necessary here.  If the GUI is aware that the user hasn't clicked "Apply" when disabling IPSEC, then a check of this flag should be possible when deciding if the GUI should display the firewall ipsec rule tab.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.