Page MenuHomeVyOS Platform

webproxy breaks commit and http access on routed client
Needs testing, LowPublicBUG

Description

In my research for T1732, I found a some bugs with this module.

conf
set service webproxy listen-address 10.3.1.3
commit
delete service webproxy
commit
set service webproxy listen-address 10.3.1.3
commit

At this point it hangs forever. Only option is to CNTL-C. It becomes impossible to reconfigure the webproxy until you reimage the install with add system image

So you think you are safe:

CNTL-C
delete service webproxy
commit
save
`

Here's the thing. This leaves some remnant running. In a setup where the VyOS node is providing routing between a number of different vlans:

VLAN3
VLAN9
VLAN20 - HDHomeRun running here
VLAN21
VLAN22

All VLANs except VLAN22 can access port 80 on the HDHomeRun:

From VLAN22:

$ nmap -sT 10.21.21.32
Starting Nmap 7.70 ( https://nmap.org ) at 2019-10-24 17:22 CDT
Nmap scan report for 10.21.21.32
Host is up (0.0050s latency).
Not shown: 997 closed ports
PORT     STATE SERVICE
554/tcp  open  rtsp
5004/tcp open  avt-profile-1
8888/tcp open  sun-answerbook

From any other VLAN:

$ nmap -sT 10.21.21.32
Starting Nmap 7.70 ( https://nmap.org ) at 2019-10-24 17:23 CDT
Nmap scan report for 10.21.21.32
Host is up (0.0049s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE
80/tcp   open  http
554/tcp  open  rtsp
5004/tcp open  avt-profile-1
8888/tcp open  sun-answerbook

The fix to that problem is a reboot.

Details

Difficulty level
Unknown (require assessment)
Version
1.2.3
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

kroy renamed this task from webproxy breaks commit and routing to webproxy breaks commit and http access on routed client.Oct 25 2019, 12:03 AM
syncer changed the task status from Open to Needs testing.Nov 16 2019, 10:54 PM
syncer assigned this task to Dmitry.
syncer triaged this task as Low priority.
syncer edited projects, added VyOS 1.3 Equuleus; removed VyOS 1.2 Crux.

Please try again with latest rolling