Static Route issues in 22.1.10

[infinisource]

Important notices

Before you add a new report, we ask you kindly to acknowledge the following:

• I have read the contributing guide lines at https://github.com/opnsense/core/blob/master/CONTRIBUTING.md
• I am convinced that my issue is new after having checked both open and closed issues at https://github.com/opnsense/core/issues?q=is%3Aissue

Describe the bug

A clear and concise description of what the bug is, including last known working version (if any).

Disabling a static route in the GUI on version 22.1.10 does not withdraw the route from the routing table. Nor does disabling the gateway. Traffic still flows through to the gateway unless the route is deleted. This worked in version 19.7.

To Reproduce

Steps to reproduce the behavior:

1. Go to System -> Routes -> Configuration
2. Click on the disabled button for any given static route. IE 10.96.69.0/24
3. Click apply
4. Validate that the route is removed via CLI 'netstat -rn | grep 10.96.69.0
5. In 22.1.10, netstat output would still show the route in the routing table. In 19.7, that route would disappear.

Expected behavior

A clear and concise description of what you expected to happen.

I expect the system to remove a route from the routing table when a route is marked as disabled in the GUI. This clearly worked in version 19.7 but is now broken in the latest version 22.1.10. See the screenshots below for proof.

Describe alternatives you considered

A clear and concise description of any alternative solutions or workaround you considered.

Screenshots

Version 19.7 (WORKING)

The screenshot above illustrates on version 19.7 that a static route to 10.96.69.0/24 is active using 'netstat -rn | grep 10.96.'

The screentshot above shows the same route on 19.7 as being active.

The screenshot above shows the same route on 19.7 as being disabled.

The screenshot above shows the cli output on 19.7 after disabling the route in the GUI. This clearly works on 19.7.

22.1.10 Version below (NOT WORKING):

The screenshot above shows a route to 10.96.69.0/24 as being enabled.

The screenshot above shows the route in the routing table via the CLI on 22.1.10

The above screenshot shows the same gui on 22.1.10 but this time the route has been marked as disabled.

The above screenshot shows the output of 'netstat -rn | grep 10.96.' on version 22.1.10. The route is clearly still active.

Environment

Version 22.1.10 - Physical Appliance: DEC3860

Version 19.7 - Virtual Machine on ESXi 7.0U3

Additional Info
I found the follow other issues that describe this issue as well:

• Traffic routed arbitrarily over the Wireguad Interface despite disabled WG gateway #5592
• OS Routing table is not updated after a route has changed to another gateway. #5520

[AdSchellevis]

@infinisource thanks for reporting, should be fixed with 4e9baba .

To test locally, execute the following on a console:

opnsense-patch  4e9baba

[infinisource]

@AdSchellevis - thanks for the hotfix. What's interesting is on my test firewall that is currently on 22.1.10, the patch resolved the issue but on the physical appliance (DEC3860) which is also on 22.1.10, the patch did not resolve the issue.

[infinisource]

Ok that's odd. Applied the patch twice and the 3rd time it works.

[AdSchellevis]

@infinisource ok, weird, well, glad it works now.