Hello, I'm not sure if this is the proper place to post a bug, but I couldn't find the proper place. I'm a long time lurker on the M0n0wall list, but have begun to use PFSense for some of my more complicated installs. I'm currently working on setting up a shop for myself.
The Tech Bench has 20 ports, each on it's own VLAN and pfSense interface. I am using a whitelist approach to the rules for the Tech Bench interfaces and when I add a rule to allow DNS traffic to the pfSense interface address it works fine on interfaces opt1-opt9. However, when I hit opt10, the rule stops working and the the text "Interface IP address" in the Destination field of the rule screen is blank. I tried editing the rule and re-saving it multiple times, but the result is the same. Changing the destination from the interface address to the subnet instead is a work-around that I am currently using. <rule> <type>pass</type> <interface>opt9</interface> <max-src-nodes/> <max-src-states/> <statetimeout/> <statetype>keep state</statetype> <os/> <protocol>tcp/udp</protocol> <source> <any/> </source> <destination> <network>opt9ip</network> <port>53</port> </destination> <descr>Allow DNS to Firewall</descr> </rule> <rule> <type>pass</type> <interface>opt10</interface> <max-src-nodes/> <max-src-states/> <statetimeout/> <statetype>keep state</statetype> <os/> <protocol>tcp/udp</protocol> <source> <any/> </source> <destination> <network>opt10ip</network> Truncated Maybe?? <port>53</port> </destination> <descr>Allow DNS to Firewall</descr> </rule> I'm guessing (I have not looked at the code) that the string "opt10ip" is getting truncated somehow when the rule is parsed from the xml. I am able to accomplish what I need to do using subnets instead of interface addresses, so it's not a pressing issue for me. I also have to wonder how many people have 10+ optional interfaces, but it's probably an easy fix for a developer, that is, if it actually is a bug and not something I'm doing wrong. Thanks for a wonderful piece of software, and I hope this post is helpful to someone. Jim Spaloss
<<attachment: pfsenseOpt9ip.png>>
<<attachment: pfsenseOpt10ip.png>>
--------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
