Last Modified: Sep 13, 2023
Known Affected Versions:
11.6.0, 11.6.1, 11.6.2, 11.6.3, 188.8.131.52, 184.108.40.206, 220.127.116.11, 18.104.22.168, 11.6.4, 11.6.5, 22.214.171.124, 126.96.36.199, 188.8.131.52, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Opened: Feb 02, 2015 Severity: 3-Major Related Article:
Related Article: K16138
When adding a Rule to a Policy, the Condition should be 'equals' for Operand: tcp and Selector: port; however, the GUI and tmsh change the value to 'matches' instead. The reverse also happens: if 'matches' is selected, the value gets changed to 'equals'.
The GUI displays 'equals', but when the user clicks the 'Add' button, the Condition changes to 'matches' in the list, so validation and save operations fail. Note that tmsh operates similarly. The system posts an error message similar to the following: 010716f4:3: Policy '/Common/test_v11.6.0', rule 'r1'; operand 'tcp' does not support condition 'matches'.
This occurs when adding a Policy Rule with Condition of 'equals' or 'matches'.
Select a value other than 'equals' or 'matches' for the Condition, and then change it back to 'equals' or 'matches'. This ensures the correct Condition is added.
When adding a Rule to a Policy, the system now ensures the Condition is saved with 'equals' when 'equals' is selected in the list.