Project

General

Profile

Bug #4780

max_input_vars limit reached with aliases having >1000 members

Added by Dan Candea about 4 years ago. Updated over 3 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Rules/NAT
Target version:
Start date:
06/21/2015
Due date:
% Done:

0%

Estimated time:
Affected Version:
All
Affected Architecture:

Description

The limit has been reach for long alias lists used in firewall configuration.

firewall_aliases_edit.php

Warning: Unknown: Input variables exceeded 1000. To increase the limit change max_input_vars in php.ini. in Unknown on line 0 Warning: session_start(): Cannot send session cache limiter - headers already sent in /usr/local/www/csrf/csrf-magic.php on line 351 Warning: Cannot modify header information - headers already sent in /usr/local/www/guiconfig.inc on line 48 Warning: Cannot modify header information - headers already sent in /usr/local/www/guiconfig.inc on line 49 Warning: Cannot modify header information - headers already sent in /usr/local/www/guiconfig.inc on line 50 Warning: Cannot modify header information - headers already sent in /usr/local/www/guiconfig.inc on line 51 Warning: Cannot modify header information - headers already sent in /usr/local/www/guiconfig.inc on line 52 Warning: Cannot modify header information - headers already sent in /usr/local/www/guiconfig.inc on line 55 Warning: Cannot modify header information - headers already sent in /usr/local/www/firewall_aliases_edit.php on line 480

History

#1 Updated by Dan Candea about 4 years ago

pfSense version 2.2.2

#2 Updated by Chris Buechler about 4 years ago

  • Subject changed from max_input_vars limit reached to max_input_vars limit reached with aliases having >1000 members
  • Status changed from New to Confirmed
  • Affected Version set to All

for aliases that big you're best off using URL Table aliases instead

#3 Updated by Steve Wheeler over 3 years ago

URL tables are not an option in some cases such as an outbound NAT pool where you have to use a Host Alias. If you need a large pool it becomes impossible to edit it once created.

#4 Updated by si lec over 3 years ago

I found the solution for this :
you need to edit the /etc/rc.php_ini_setup file and add the following entry on it :
max_input_vars=9999

Then reboot the pfsense and you will no longer get this error

#5 Updated by Chris Buechler over 3 years ago

  • Category set to Rules/NAT
  • Status changed from Confirmed to Resolved
  • Target version set to 2.3

This was bumped to 5000 in https://github.com/pfsense/pfsense/commit/e56374a84399026855886ce8f4d2b2ec4ab224b6

That's a reasonable maximum. Any use that requires > 5000 likely isn't a good idea from a browser usability and performance standpoint.

Also available in: Atom PDF