Bug #3510
Rules Advanced Features Advanced Options allows various invalid data entry
100%
Description
and the result is "there were errors loading the rules".
1) Maximum state entries this rule can create - (max 0) is allowed, -1, 1.1 and "a" are invalid
(hmmm - why would 0 zero be acceptable to pf? that would be equivalent to specifying "block" for the rule, wouldn't it?)
2) max-src-nodes, max-src-conn, max-src-states, max-src-conn-rate, tcp.established cannot be 0, -1, 1.1, "a" - it has to be a positive integer.
Needs data entry validation to prevent user foot-shooting.
I am happy to do this straight away.
Associated revisions
History
#1
Updated by Phillip Davis almost 7 years ago
Note: tcp.established is the pf parameter name, pfSense stores it in the rule as 'statetimeout'. The other parameters use the same name in the pfSense config as the pf rule.
#2
Updated by Anonymous almost 7 years ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset 7b4d12dcc92c3968c4440598d229bbef81562121.
#3
Updated by Renato Botelho almost 7 years ago
- Status changed from Feedback to Resolved
Merge pull request #1021 from phil-davis/patch-6
Validate rule Advanced Options numeric entries, it should fix #3510