Project

General

Profile

Actions
Copy link

Bug #3491

closed

Improper input validation on firewall rules when using a numerical alias name

Added by Jim Pingle over 10 years ago. Updated about 10 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Renato Botelho
Category:
Rules / NAT
Target version:
2.2
Start date:
02/27/2014
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.1
Affected Architecture:

Description

If you have a host alias using a numerical name such as "2222", then using port "2222" (literal) in firewall rules is prevented by the GUI due to an input validation error:

The following input errors were detected:

    2222 is not a valid start destination port. It must be a port alias or integer between 1 and 65535.
    2222 is not a valid end destination port. It must be a port alias or integer between 1 and 65535.

Due to the fact that an alias exists called "2222", the field is interpreted as the alias name rather than the literal port number even though the second case is valid.

Actions
Copy link
 #1

Updated by Jim Pingle over 10 years ago

  • Description updated (diff)
Actions
Copy link
 #2

Updated by Renato Botelho over 10 years ago

Alias name validation do not accept only numbers anymore on 2.2 since https://github.com/pfsense/pfsense/pull/960 was merged. But we need to think a way to deal with possible user configurations that already have it.

Actions
Copy link
 #3

Updated by Renato Botelho over 10 years ago

  • Status changed from New to Feedback
Actions
Copy link
 #4

Updated by Jim Thompson about 10 years ago

  • Assignee set to Renato Botelho
Actions
Copy link
 #5

Updated by Chris Buechler about 10 years ago

  • Status changed from Feedback to Resolved

fixed

Actions
Copy link

Also available in: Atom PDF