Project

General

Profile

Bug #8039

Invalid characters in static IP description will not resolve upon correction

Added by Diedrich Guenther almost 2 years ago. Updated almost 2 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
DHCP Server
Target version:
Start date:
10/31/2017
Due date:
% Done:

100%

Estimated time:
Affected Version:
2.4.1
Affected Architecture:

Description

I created a few dozen static IPs in the DHCP Server. A handful of those had descriptive names such as "Diedrich's laptop". I was never warned that the ' symbol was not allowed. The mapping was saved. I then went to edit/create a NAT Port Forwarding rule and was denied the ability because

The following input errors were detected:

    Invalid characters detected <AB:xx:12>Yes<CD:xx:34>Yes<EF:xx:56>Yes<GH:xx:78>Yes. Please remove invalid characters and save again.

I then went back to the offending static addresses and took out the ' in each of the descriptive names, resaved, applied the changes, but with no luck. I then did a full reboot - no luck. One of the descriptive names didn't even have a ' so I'm a bit confused as to what could be blocking the firewall rule edit and creation.

Associated revisions

Revision d70eaff5 (diff)
Added by Stephen Jones almost 2 years ago

Fixed #8039 Changed to on sanitizing data. This is to help so if the user has previous cookie data it shouldn't try and sanitize it.

History

#1 Updated by Jim Thompson almost 2 years ago

  • Assignee set to Steve Beaver

#2 Updated by Steve Beaver almost 2 years ago

  • Assignee changed from Steve Beaver to Anonymous
  • Target version set to 2.4.2

#3 Updated by Clinton Cory almost 2 years ago

I attempted to replicate this on a SG-2220 running Factory 2.4.2-DEV box but it seems to work just fine. I used static DHCP mapping description as well.
- Fresh install of pfSense 2.4.2-DEV
- Services - DHCP Server - LAN
- Created a new mapping with a description of Diedrich's laptop, assigned it an IP of 192.168.1.10, then saved
- Navigated to Firewall - NAT - Portward and created a NAT port forward to the static mapped IP of 192.168.1.10 without issue

Based on the fact that removing the descriptions, reboot, etc..does not solve the issue for the OP, I suspect this is a different issue altogether.

Diedrich, are you able to replicate this on another system or fresh install? Are you creating static IPv4 or IPv6 mappings?

#4 Updated by Diedrich Guenther almost 2 years ago

You will have to mark this as 'could not replicate'. I blasted the installation and will have to try again in the future; I ran into a separate issue with my wife's employer email being blocked - she could not send any emails through their web client nor Exchange. The mail is mail.msu.edu. I had to give up and go back to our ASUS router for fear of getting a divorce.

#5 Updated by Jim Pingle almost 2 years ago

The static mapping wouldn't have anything to do with the port forward page.

The error on the port forward page is likely from the way it attempts to sanitize everything in $_REQUEST. Somehow your browser is/was sending junk to the page when loading it. See source:src/usr/local/www/firewall_nat_edit.php#L144

Since cookie data can exist in $_REQUEST, it may have been a leftover value from some other previous router.

The sanitizing code in firewall_nat_edit.php should really only look at variables actually used by the page instead of trying to take that shortcut.

#6 Updated by Anonymous almost 2 years ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100

#7 Updated by James Dekker almost 2 years ago

On pfSense-netgate-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171108-1341 could not reproduce the bad behavior.

#8 Updated by Jim Pingle almost 2 years ago

  • Status changed from Feedback to Resolved

Also available in: Atom PDF