From 021786612cae12fe7557bf1627773f4f71cff50d Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Thu, 26 May 2022 10:53:44 +0200
Subject: [PATCH] Firewall / Alias - when reading current alias content using
 pfctl, make sure to ignore empty lines. closes
 https://github.com/opnsense/core/issues/5788

---
 src/opnsense/scripts/filter/update_tables.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/opnsense/scripts/filter/update_tables.py b/src/opnsense/scripts/filter/update_tables.py
index 89ddf87e9..50955d2bf 100755
--- a/src/opnsense/scripts/filter/update_tables.py
+++ b/src/opnsense/scripts/filter/update_tables.py
@@ -158,8 +158,10 @@ if __name__ == '__main__':
         if alias.get_parser():
             # only try to replace the contents of this alias if we're responsible for it (know how to parse)
             sp = subprocess.run(['/sbin/pfctl', '-t', alias_name, '-T', 'show'], capture_output=True, text=True)
-            for line in sp.stdout.strip().split('\n'):
-                alias_pf_content.append(line.strip())
+            tmp = sp.stdout.strip()
+            if len(tmp) > 0:
+                for line in tmp.split('\n'):
+                    alias_pf_content.append(line.strip())
 
             if (len(alias_content) != len(alias_pf_content) or alias_changed_or_expired):
                 # if the alias is changed, expired or the one in memory has a different number of items, load table