xFirewall RemoteAddress fails test if CIDR notation is used. #169
Comments
dm3942
changed the title
|
Thanks for logging this @dm3942 This is expected behavior because the *-NetFirewallAddressFilter cmdlets always returns the address with a netmask rather than in CIDR notation. It should be possible to to adjust the test in Test-RuleProperties to do a comparison with both the CIDR notation and the netmask. I'll try and get to this when I can unless someone else gets to this first. |
PlagueHO
added
bug
|
@dm3942 - I'll look at this problem this week. |
PlagueHO
added
in progress
|
@dm3942 - I've submitted a fix for this issue in the above PR. Might take a little while to get merged because it is not an insignificant change. |
|
No problem. Thanks for considering it.
…________________________________
From: Daniel Scott-Raynsford <[email protected]>
Sent: Monday, 26 December 2016 6:58:04 PM
To: PowerShell/xNetworking
Cc: Daniel M; Mention
Subject: Re: [PowerShell/xNetworking] xFirewall RemoteAddress fails test if CIDR notation is used. (#169)
@dm3942<https://github.com/dm3942> - I've submitted a fix for this issue in the above PR. Might take a little while to get merged because it is not an insignificant change.
-
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<#169 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AQ2mxSf6BCtzCTHxBvpPjUKT6n8GT1_aks5rL3OMgaJpZM4LLb3T>.
|
|
@dm3942 - a pleasure doing it. I'm just waiting on my PR to be reviewed so the change can go in. @tysonjhayes - any chance you might have some time at some point to check over #173 for me - no problems if not sir, I can hassle some of the others a bit 😁 ? I realize it's a bit of a bit large PR because of it includes a bunch of work towards making xNetworking HQRM. |
xNetworking version 3.0.0.0
RemoteAddress test fails if CIDR notation is used in the configuration. The rule is created, but the test fails.
Recommendations:
----- This firewall will get created successfully but the test will FAIL.
xFirewall myNagiosFw
{
Name = "DSC-Nagios"
Enabled = $true
Action = 'Allow'
LocalPort = 5666
Direction = 'Inbound'
Protocol = 'TCP'
Ensure = 'Present'
RemoteAddress = '10.10.0.0/16' # CAUSE OF TEST FAILURE
}
----- This firewall will get created successfully and the test will PASS.
xFirewall myNagiosFw
{
Name = "DSC-Nagios"
Enabled = $true
Action = 'Allow'
LocalPort = 5666
Direction = 'Inbound'
Protocol = 'TCP'
Ensure = 'Present'
RemoteAddress = '10.10.0.0/255.255.0.0' # CAUSE OF TEST FAILURE
}
We managed to inject some verbose statements into the function Test-RuleProperties
File: C:\Program Files\WindowsPowerShell\Modules\xNetworking\3.0.0.0\DSCResources\MSFT_xFirewall\MSFT_xFirewall.psm1
... code added ....
Write-Verbose "array-----:$ParameterSource----:$ParameterNew -----"
.... output from code ....
VERBOSE: [localhost]: [[xFirewall]myNagiosFw] Test-RuleProperties: RemoteAddress property value '10.10.0.0/255.255.0.0' does not match desired state '10.10.0.0/16'.
The text was updated successfully, but these errors were encountered: