GUI value of GRE tunnel config does not match the configured value

[codiflow]

Important notices

Before you add a new report, we ask you kindly to acknowledge the following:

• I have read the contributing guide lines at https://github.com/opnsense/core/blob/master/CONTRIBUTING.md
• I am convinced that my issue is new after having checked both open and closed issues at https://github.com/opnsense/core/issues?q=is%3Aissue

Describe the bug

I have two GRE tunnels on my multi-WAN machine. The GUI shows the primary WAN as "local address" but for both tunnels the secondary WAN has been configured. Looks like being just a display issue.

To Reproduce

Steps to reproduce the behavior:

1. Create GRE tunnel on multi-WAN machine
2. Configure each tunnel with a different WAN
3. All GRE tunnels will have the same (primary) WAN shown in the list overview

Expected behavior
The really configured value is being shown.

Screenshots

Environment

Software version used and hardware type if relevant, e.g.:

OPNsense 24.7.11_2-amd64
FreeBSD 14.1-RELEASE-p6
OpenSSL 3.0.15

[fichtner]

Not sure how to prove your theory: we don’t know the actual configured config.xml value and your interface names plus internal identifiers (which should match the config.xml value in the GRE).

Cheers,
Franco

[codiflow]

I recognized the same behaviour while creating a GIF tunnel yesterday.

Maybe these values from config.xml are helping to proof this?

    <opt5>
      <if>gre0</if>
      <descr>GRE1</descr>
      <enable>1</enable>
      <lock>1</lock>
      <spoofmac/>
      <blockpriv>1</blockpriv>
      <blockbogons>1</blockbogons>
    </opt5>

[...]

    <opt11>
      <if>igc1</if>
      <descr>WAN2_O2</descr>
      <enable>1</enable>
      <lock>1</lock>
      <spoofmac/>
      <blockbogons>1</blockbogons>
      <ipaddr><REDACTED></ipaddr>
      <subnet>24</subnet>
      <gateway>WAN2_GWv4</gateway>
      <ipaddrv6>dhcp6</ipaddrv6>
      <dhcp6-ia-pd-len>0</dhcp6-ia-pd-len>
      <dhcp6-ia-pd-send-hint>1</dhcp6-ia-pd-send-hint>
      <dhcp6prefixonly>1</dhcp6prefixonly>
      <adv_dhcp6_interface_statement_send_options/>
      <adv_dhcp6_interface_statement_request_options/>
      <adv_dhcp6_interface_statement_information_only_enable/>
      <adv_dhcp6_interface_statement_script/>
      <adv_dhcp6_id_assoc_statement_address_enable/>
      <adv_dhcp6_id_assoc_statement_address/>
      <adv_dhcp6_id_assoc_statement_address_id/>
      <adv_dhcp6_id_assoc_statement_address_pltime/>
      <adv_dhcp6_id_assoc_statement_address_vltime/>
      <adv_dhcp6_id_assoc_statement_prefix_enable/>
      <adv_dhcp6_id_assoc_statement_prefix/>
      <adv_dhcp6_id_assoc_statement_prefix_id/>
      <adv_dhcp6_id_assoc_statement_prefix_pltime/>
      <adv_dhcp6_id_assoc_statement_prefix_vltime/>
      <adv_dhcp6_prefix_interface_statement_sla_len/>
      <adv_dhcp6_authentication_statement_authname/>
      <adv_dhcp6_authentication_statement_protocol/>
      <adv_dhcp6_authentication_statement_algorithm/>
      <adv_dhcp6_authentication_statement_rdm/>
      <adv_dhcp6_key_info_statement_keyname/>
      <adv_dhcp6_key_info_statement_realm/>
      <adv_dhcp6_key_info_statement_keyid/>
      <adv_dhcp6_key_info_statement_secret/>
      <adv_dhcp6_key_info_statement_expire/>
      <adv_dhcp6_config_advanced/>
      <adv_dhcp6_config_file_override/>
      <adv_dhcp6_config_file_override_path/>
    </opt11>

[...]

  <gres version="1.0.0">
    <gre uuid="<REDACTED>">
      <if>opt11</if>
      <ipaddr/>
      <greif>gre0</greif>
      <remote-addr><REDACTED></remote-addr>
      <tunnel-local-addr><REDACTED></tunnel-local-addr>
      <tunnel-remote-addr><REDACTED></tunnel-remote-addr>
      <tunnel-remote-net>30</tunnel-remote-net>
      <descr>GRE-Tunnel 1</descr>
    </gre>
  </gres>

The local interface name would be wan if the values in the GUI would match the actual configuration (which they don't):

    <wan>
      <if>igc0</if>
      <descr>WAN_VF</descr>
      <enable>1</enable>
      <lock>1</lock>
      <spoofmac/>
      <blockbogons>1</blockbogons>
      <ipaddr><REDACTED></ipaddr>
      <subnet>24</subnet>
      <gateway>WAN_GWv4</gateway>
      <ipaddrv6>dhcp6</ipaddrv6>
      <dhcp6-ia-pd-len>0</dhcp6-ia-pd-len>
      <dhcp6-ia-pd-send-hint>1</dhcp6-ia-pd-send-hint>
      <dhcp6prefixonly>1</dhcp6prefixonly>
      <adv_dhcp6_interface_statement_send_options/>
      <adv_dhcp6_interface_statement_request_options/>
      <adv_dhcp6_interface_statement_information_only_enable/>
      <adv_dhcp6_interface_statement_script/>
      <adv_dhcp6_id_assoc_statement_address_enable/>
      <adv_dhcp6_id_assoc_statement_address/>
      <adv_dhcp6_id_assoc_statement_address_id/>
      <adv_dhcp6_id_assoc_statement_address_pltime/>
      <adv_dhcp6_id_assoc_statement_address_vltime/>
      <adv_dhcp6_id_assoc_statement_prefix_enable/>
      <adv_dhcp6_id_assoc_statement_prefix/>
      <adv_dhcp6_id_assoc_statement_prefix_id/>
      <adv_dhcp6_id_assoc_statement_prefix_pltime/>
      <adv_dhcp6_id_assoc_statement_prefix_vltime/>
      <adv_dhcp6_prefix_interface_statement_sla_len/>
      <adv_dhcp6_authentication_statement_authname/>
      <adv_dhcp6_authentication_statement_protocol/>
      <adv_dhcp6_authentication_statement_algorithm/>
      <adv_dhcp6_authentication_statement_rdm/>
      <adv_dhcp6_key_info_statement_keyname/>
      <adv_dhcp6_key_info_statement_realm/>
      <adv_dhcp6_key_info_statement_keyid/>
      <adv_dhcp6_key_info_statement_secret/>
      <adv_dhcp6_key_info_statement_expire/>
      <adv_dhcp6_config_advanced/>
      <adv_dhcp6_config_file_override/>
      <adv_dhcp6_config_file_override_path/>
    </wan>

[fichtner]

Is WAN_VF the first one in the list?

[codiflow]

What list do you mean? In the GRE tunnel configuration the local interfaces are sorted alphabetically.

In the overview it is the first entry, yes:

[fichtner]

Thanks, I can reproduce.

[fichtner]

This should help, but I need to discuss with @AdSchellevis

# opnsense-patch a18fd9c

[fichtner]

Done but won't ship in 24.7.x anymore.