New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

check_access *make discard* term display can be misleading #37

Closed
jathanism opened this Issue Aug 24, 2012 · 0 comments

Comments

Projects
None yet
2 participants
@jathanism
Member

jathanism commented Aug 24, 2012

check_access alters the action field for any term marked with /trigger: make discard/ to discard. I do not know if this is by design but it actually comes off a little confusing. I spent the last 30 minutes telling someone something was blocked.

Real Term:

    term foo { 
        /*trigger: make discard*/ 
        from { 
            destination-address { 
                10.20.30.0/26; 
                10.20.30.64/26; 
            } 
            protocol [ tcp udp ]; 
        } 
        then { 
            accept; 
            count foo;
        } 
    } 

Check_access displayed term:

term foo { 
    /*trigger: make discard*/ 
    from { 
        destination-address { 
            10.20.30.0/26; 
            10.20.30.64/26; 
        } 
        protocol [ tcp udp ]; 
    } 
    then { 
        discard; 
        count foo;
    } 
}

@mvh mvh closed this Sep 6, 2012

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment