Bug #8039
closed
Invalid characters in static IP description will not resolve upon correction
100%
Description
I created a few dozen static IPs in the DHCP Server. A handful of those had descriptive names such as "Diedrich's laptop". I was never warned that the ' symbol was not allowed. The mapping was saved. I then went to edit/create a NAT Port Forwarding rule and was denied the ability because
The following input errors were detected:
Invalid characters detected <AB:xx:12>Yes<CD:xx:34>Yes<EF:xx:56>Yes<GH:xx:78>Yes. Please remove invalid characters and save again.
I then went back to the offending static addresses and took out the ' in each of the descriptive names, resaved, applied the changes, but with no luck. I then did a full reboot - no luck. One of the descriptive names didn't even have a ' so I'm a bit confused as to what could be blocking the firewall rule edit and creation.
Updated by
Updated by Anonymous over 6 years ago
- Assignee changed from Anonymous to Anonymous
- Target version set to 2.4.2
Updated by Clinton Cory over 6 years ago
I attempted to replicate this on a SG-2220 running Factory 2.4.2-DEV box but it seems to work just fine. I used static DHCP mapping description as well.
- Fresh install of pfSense 2.4.2-DEV
- Services - DHCP Server - LAN
- Created a new mapping with a description of Diedrich's laptop, assigned it an IP of 192.168.1.10, then saved
- Navigated to Firewall - NAT - Portward and created a NAT port forward to the static mapped IP of 192.168.1.10 without issue
Based on the fact that removing the descriptions, reboot, etc..does not solve the issue for the OP, I suspect this is a different issue altogether.
Diedrich, are you able to replicate this on another system or fresh install? Are you creating static IPv4 or IPv6 mappings?
Updated by Diedrich Guenther over 6 years ago
You will have to mark this as 'could not replicate'. I blasted the installation and will have to try again in the future; I ran into a separate issue with my wife's employer email being blocked - she could not send any emails through their web client nor Exchange. The mail is mail.msu.edu. I had to give up and go back to our ASUS router for fear of getting a divorce.
Updated by Jim Pingle over 6 years ago
The static mapping wouldn't have anything to do with the port forward page.
The error on the port forward page is likely from the way it attempts to sanitize everything in $_REQUEST. Somehow your browser is/was sending junk to the page when loading it. See source:src/usr/local/www/firewall_nat_edit.php#L144
Since cookie data can exist in $_REQUEST, it may have been a leftover value from some other previous router.
The sanitizing code in firewall_nat_edit.php should really only look at variables actually used by the page instead of trying to take that shortcut.
Updated by Anonymous over 6 years ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset d70eaff5781015294376b42284e728265c56fd8d.
Updated by Anonymous over 6 years ago
On pfSense-netgate-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171108-1341 could not reproduce the bad behavior.