On Wed, Jun 23, 2010 at 11:32 AM, Jeremy Cejka <[email protected]> wrote:
>
> Here's the instance in which I am seeing and able to replicate this bug.
>
> I upgraded from 1-2 Stable to 1-2-3, migrated the backup config into the new 
> machine (minus the packages)
>
> Set up a rule from my machine's IP 192.168.1.10 to have unrestricted access to 
> our lab subnet
>
> Looks something like this:
>
> TCP   192.168.1.10   *   lab net   *   *
>
> If I want to change the destination from the Lab net to any, I get the 
> following error
>
> [Filter_Reload]#  unresolvable source aliases Allow ssh from certain addresses
>
> It then clears out all the rules in each interface except the WAN.
>
> A very dangerous bug which requires removal of the config.xml and then a copy 
> from the backups and a reboot.
>

That's highly unlikely to be true. It is possible in 1.2.x to hose
your ruleset by screwing up your aliases by misconfiguring them
(putting text in a ports alias, things such as that), or
disabling/deleting an interface that's referenced in a rule. That's
doubly addressed in 2.0, with proper input validation on all fields,
and it will skip any invalid rules you may somehow manage to get in
there in some other fashion (manual config editing). Send me a backup
of your config that replicates this offlist.
