Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

URL Firewall Aliases not workng #51

Closed
rvalle opened this issue Jan 1, 2024 · 7 comments
Closed

URL Firewall Aliases not workng #51

rvalle opened this issue Jan 1, 2024 · 7 comments
Assignees
@zerwes
Labels
enhancement New feature or request

Comments

@rvalle
Copy link

rvalle commented Jan 1, 2024

When creating URL aliases that load Tables, such as:

opn_alias:

  # Blacklists

  - uuid: 0d561ada-f0e4-11e9-b9f0-00051b40070c
    settings:
      - key: name
        value: spamhouse_drops
      - key: type
        value: urltable
      - key: updatefreq
        value: "0.041666666666666664"
      - key: content
        list:
          - https://www.spamhaus.org/drop/drop.txt
          - https://www.spamhaus.org/drop/edrop.txt
      - key: description
        value: Spamhouse Drop and EDrop blacklists

The alias will be created but it wont be loaded up. This type of rule needs to be "applied" from the web ui for tables to be instantiated, for some reason.
@zerwes
Copy link
Collaborator

zerwes commented Jan 2, 2024

Hello Rafael
We use the urltable alias type too, but we deploy them as a initial cfg and this way we newer had problems.
Do you deploy the full playbook including the sync and reload task?
Are they working as expected after a reboot?

@zerwes zerwes self-assigned this Jan 2, 2024
@zerwes zerwes added the enhancement New feature or request label Jan 2, 2024
@zerwes zerwes mentioned this issue Jan 2, 2024
Closed
@zerwes
Copy link
Collaborator

zerwes commented Jan 2, 2024

looks like it is time for #12 to be transitioned from just a nice idea to wip ...

zerwes added a commit to zerwes/ansible-opnsense that referenced this issue Jan 2, 2024
@zerwes
alias handler (issue Rosa-Luxemburgstiftung-Berlin#12 + issue Rosa-Lu…
f8171c0 
…xemburgstiftung-Berlin#51)
@zerwes zerwes mentioned this issue Jan 2, 2024
Merged
zerwes added a commit that referenced this issue Jan 2, 2024
@zerwes
alias handler (issue #12 + issue #51)
2ccd56a
@zerwes
Copy link
Collaborator

zerwes commented Jan 2, 2024

Hello @rvalle
This is fixed in the PR #53

But before your example can work, you must add

  - key: enabled
    value: '1'

to your alias settings

Greetings
Klaus

@zerwes zerwes closed this as completed Jan 2, 2024
zerwes added a commit to zerwes/ansible-opnsense that referenced this issue Jan 2, 2024
@zerwes
alias handler (issue Rosa-Luxemburgstiftung-Berlin#12 + issue Rosa-Lu…
c1b356d 
…xemburgstiftung-Berlin#51)
@zerwes
Copy link
Collaborator

zerwes commented Jan 2, 2024

@rvalle w/ PR #54 a undefined enabled setting in aliases is now considered (like in opnsense) as enabled

@rvalle
Copy link
Author

rvalle commented Jan 3, 2024

Sorry @zerwes just saw your replies... I did not notice the "enablement". will check and test.

@rvalle
Copy link
Author

rvalle commented Jan 3, 2024

Tested it on OPNsense 23.7.10_1-amd64 and it works fine.

Before I did not notice the "enabled", because the UI is in fact listing the alias as enabled, but anyway, great to see it is working!

@zerwes
Copy link
Collaborator

zerwes commented Jan 4, 2024

Hello @rvalle, thank you for the confirmation

Before I did not notice the "enabled", because the UI is in fact listing the alias as enabled

Yes, somehow the missing enabled tag for aliases in opnsense seems to be inconsistent.
I tested the new handler first with one of mine definitions, but it took me ages to find out why yours is still not working ...

Anyhow, with #54 this should be fixed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@zerwes zerwes

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rvalle @zerwes