Bug #16095
closed
Firewall generates invalid rules for IPsec tunnels with descriptions containing special symbols
100%
Description
IPSec tunnel description accepts special symbols, but creates an error in filter reload since Filter rules don't accept special symbols in description, and tunnel creates an auto-generated rule with description containing the tunnel description.
Steps to reproduce:
1) create an IPSec tunnel, add description with special symbols (for example ";';L"/\=^:= = )
2) save the tunnel
Error attached
tested on both 24.11 and 25.03-BETA
24.11-RELEASE (amd64)
built on Wed Nov 27 21:22:00 +03 2024
FreeBSD 15.0-CURRENT
25.03-BETA (amd64)
built on Thu Mar 6 2:40:00 CET 2025
FreeBSD 15.0-CURRENT
Files
Updated by Christopher Cope about 1 month ago
- Status changed from New to Confirmed
Tested and confirmed on
25.03-BETA (amd64) built on Thu Mar 6 1:40:00 UTC 2025 FreeBSD 15.0-CURRENT
Of note, the Description field says "A description may be entered here for administrative reference (not parsed)."
Perhaps the label should use something other than the description. Otherwise, some input validation is needed.
Updated by Marcos M about 1 month ago
- Status changed from Confirmed to In Progress
- Assignee set to Marcos M
- Target version set to 2.8.0
- Plus Target Version set to 25.03
Updated by Marcos M about 1 month ago
- Status changed from In Progress to Feedback
- % Done changed from 0 to 100
Applied in changeset c74c5c61a51aa17a399fe5f8d25a9a183187c0e2.
Updated by Danilo Zrenjanin about 1 month ago
- Status changed from Feedback to Resolved
I tested against the latest dev version.
The issue has been fixed.
I am marking this ticket as resolved.
Updated by Jim Pingle 30 days ago
- Subject changed from IPSec tunnel description with special symbols produce errors in filter reload to Firewall generates invalid rules for IPsec tunnels with descriptions containing special symbols