Custom rules with syntax errors?

redskate
Posts: 30
Joined: Tue Apr 05, 2016 8:08 pm

Custom rules with syntax errors?

Post by redskate » Wed Apr 06, 2016 12:03 pm

Hello

Using the Murus custom rule editor, I generated a custom rule, which is then written by Murus to /private/etc/murus/murus.custom

The content of the rule is (test):

Code:

block log quick {tcp, udp} from {} to {} port {10000}

When I test the rule, Murus says there is a syntax error (but does not say what error).
When I test the rule using

Code:

pfctl -n -f /private/etc/murus/murus.custom

pfctl says the same.

Now maybe my thought is totally wrong: When I add a rule using Murus, this rule ***SHOULD*** be syntax checked .... am I wrong?

What is wrong here, please?

Regards


Re: Custom rules with syntax errors?

Post by redskate » Wed Apr 06, 2016 12:16 pm

Correction: The rule inside /private/etc/murus/murus.custom

was

Code:

block log quick inet proto  {tcp, udp} from {} to {} port {10000}

hany
Posts: 485
Joined: Wed Dec 10, 2014 5:20 pm

Re: Custom rules with syntax errors?

Post by hany » Wed Apr 06, 2016 12:24 pm

> When I test the rule, Murus says there is a syntax error (but does not say what error).

You can use the TEST button in the Murus toolbar; sometimes it is able to tell you more about the error.
By the way, Murus is a front end, not a firewall. It is not aware of errors; it can only report errors reported by PF.

> Now maybe my thought is totally wrong: When I add a rule using Murus, this rule ***SHOULD*** be syntax checked .... am I wrong?

Yes, in this case you are wrong. Murus is only a front end; it cannot check the syntax for PF. The very same rule string can be considered correct in some PF scenarios, and wrong (I mean at syntax level too) in some others. Murus cannot be aware of that, so you must feed PF with rules, wait for PF to react somehow, and expect Murus to catch this "reaction" and inform you.

Ideally you add a rule, then click TEST to verify if that rule sounds good to PF, then if everything is OK click PLAY to actually enable runtime rules.

In this specific case your rule lacks source and destination addresses; that's the reason for the error.

I hope it helped :)


Re: Custom rules with syntax errors?

Post by redskate » Wed Apr 06, 2016 1:01 pm

:) Thank you any for your answer

Again, I am a good monkey to test this application. Gurus could be more than PF, but I understand the limit you posed.

So I will have to take care of the content.

Idea for you: It could be a great FEATURE to have some more help doing what I am doing ... not?

Regards


Re: Custom rules with syntax errors?

Post by hany » Wed Apr 06, 2016 8:13 pm

> Idea for you: It could be a great FEATURE to have some more help doing what I am doing ... not?

Oh, yes, sure it would be a great idea helping you in doing what you are doing...
The only thing I need to help you do what you are doing is for you to tell me what you are doing or trying to do or, maybe better, what you want to do :roll:


Re: Custom rules with syntax errors?

Post by redskate » Thu Apr 07, 2016 7:38 am

I am afraid I did not explain the feature ... sorry.

A natural language might be understood by more context ...

I meant: It could be a great feature if Murus did not just pass commands through to PF, but also interpreted and tested them (as far as this is possible) before the commands are passed to PF. As you said in a previous thread, the one rule I was adding as a test was missing important elements, and this (please) can/should be detected by such intelligent software. At least this is my opinion. I hope this will help Murus (in case such a requirement did not yet come ;))

Thank you anyway
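
Added example, not part of the thread and not Murus code: a shell pre-check of the kind redskate asks for, which flags the empty `from {}` and `to {}` lists that hany names as the cause before the file is handed to `pfctl -n -f`. The function names, the constructed sample files and the `from any to any` correction (one possible intent) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not Murus code): catch empty "{}" lists before pfctl sees them.

lint_pf_rules() {   # usage: lint_pf_rules FILE; returns 1 if any finding
    awk '
    {
        s = $0
        sub(/#.*/, "", s)                  # drop comments; "#" in quoted strings not handled
        gsub(/[{]/, " { ", s)              # make each brace its own token
        gsub(/[}]/, " } ", s)
        n = split(s, tok)                  # split on whitespace
        for (i = 1; i < n; i++)
            if (tok[i] == "{" && tok[i+1] == "}") {
                kw = (i > 1) ? tok[i-1] : "?"
                printf "line %d: empty list after \"%s\"\n", NR, kw
                bad = 1
            }
    }
    END { exit bad + 0 }' "$1"
}

check_pf_rules() {  # lint first, then let PF itself parse the file
    lint_pf_rules "$1" || return 1
    if command -v pfctl >/dev/null 2>&1; then
        pfctl -n -f "$1"                   # -n: parse only, load nothing
    fi
}

write_samples() {   # constructed sample files, written into directory $1
    printf '%s\n' '# rule as posted in the thread' \
        'block log quick inet proto {tcp, udp} from {} to {} port {10000}' \
        > "$1/broken.conf"
    printf '%s\n' '# assumed intent: any source, any destination' \
        'block log quick inet proto {tcp, udp} from any to any port 10000' \
        > "$1/fixed.conf"
}

dir=$(mktemp -d)
write_samples "$dir"
lint_pf_rules "$dir/broken.conf" || echo "broken.conf: rejected before pfctl"
check_pf_rules "$dir/fixed.conf" && echo "fixed.conf: accepted"
rm -rf "$dir"
```

The lint only reports what it can see in the text; whether a rule is valid in the loaded ruleset is still decided by PF, which is why `check_pf_rules` ends with the same `pfctl -n -f` call used in the thread.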
