Page MenuHomeVyOS Platform

webproxy breaks commit and http access on routed client
Needs testing, LowPublicBUG

Description

In my research for T1732, I found a some bugs with this module.

conf
set service webproxy listen-address 10.3.1.3
commit
delete service webproxy
commit
set service webproxy listen-address 10.3.1.3
commit

At this point it hangs forever. Only option is to CNTL-C. It becomes impossible to reconfigure the webproxy until you reimage the install with add system image

So you think you are safe:

CNTL-C
delete service webproxy
commit
save
`

Here's the thing. This leaves some remnant running. In a setup where the VyOS node is providing routing between a number of different vlans:

VLAN3
VLAN9
VLAN20 - HDHomeRun running here
VLAN21
VLAN22

All VLANs except VLAN22 can access port 80 on the HDHomeRun:

From VLAN22:

$ nmap -sT 10.21.21.32
Starting Nmap 7.70 ( https://nmap.org ) at 2019-10-24 17:22 CDT
Nmap scan report for 10.21.21.32
Host is up (0.0050s latency).
Not shown: 997 closed ports
PORT     STATE SERVICE
554/tcp  open  rtsp
5004/tcp open  avt-profile-1
8888/tcp open  sun-answerbook

From any other VLAN:

$ nmap -sT 10.21.21.32
Starting Nmap 7.70 ( https://nmap.org ) at 2019-10-24 17:23 CDT
Nmap scan report for 10.21.21.32
Host is up (0.0049s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE
80/tcp   open  http
554/tcp  open  rtsp
5004/tcp open  avt-profile-1
8888/tcp open  sun-answerbook

The fix to that problem is a reboot.

Details

Difficulty level
Unknown (require assessment)
Version
1.2.3
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Related Objects

Event Timeline

kroy created this task.Oct 24 2019, 11:48 PM
kroy renamed this task from webproxy breaks commit and routing to webproxy breaks commit and http access on routed client.Oct 25 2019, 12:03 AM
pasik added a subscriber: pasik.Oct 27 2019, 5:41 PM
syncer changed the task status from Open to Needs testing.Nov 16 2019, 10:54 PM
syncer assigned this task to Dmitry.
syncer triaged this task as Low priority.
syncer edited projects, added VyOS 1.3 Equuleus; removed VyOS 1.2 Crux.