Bug #3510: Rules Advanced Features Advanced Options allows various invalid data entry - pfSense - pfSense bugtracker

Bug #3510

Rules Advanced Features Advanced Options allows various invalid data entry

Added by Phillip Davis almost 7 years ago. Updated almost 7 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Phillip Davis

Category:

Rules / NAT

Target version:

2.1.1

Start date:

03/06/2014

Due date:

% Done:

100%

Estimated time:

Affected Version:

2.1

Affected Architecture:

Description

and the result is "there were errors loading the rules".
1) Maximum state entries this rule can create - (max 0) is allowed, -1, 1.1 and "a" are invalid
(hmmm - why would 0 zero be acceptable to pf? that would be equivalent to specifying "block" for the rule, wouldn't it?)
2) max-src-nodes, max-src-conn, max-src-states, max-src-conn-rate, tcp.established cannot be 0, -1, 1.1, "a" - it has to be a positive integer.
Needs data entry validation to prevent user foot-shooting.
I am happy to do this straight away.

Associated revisions

Revision 7b4d12dc
Added by Renato Botelho almost 7 years ago

Merge pull request #1021 from phil-davis/patch-6

Validate rule Advanced Options numeric entries, it should fix #3510

History

#1 Updated by Phillip Davis almost 7 years ago

Note: tcp.established is the pf parameter name, pfSense stores it in the rule as 'statetimeout'. The other parameters use the same name in the pfSense config as the pf rule.

#2 Updated by Anonymous almost 7 years ago

Status changed from New to Feedback
% Done changed from 0 to 100

Applied in changeset 7b4d12dcc92c3968c4440598d229bbef81562121.

#3 Updated by Renato Botelho almost 7 years ago

Status changed from Feedback to Resolved

Also available in: Atom PDF

Project

General

Profile

pfSense

Issues

Custom queries