Bug #8524
closed
HTTP_REFERER issue if changing the LAN IP in setup wizard
Added by Arthur Wiebe over 6 years ago.
Updated over 6 years ago.
Affected Architecture:
All
Description
In the setup wizard if you change the LAN IP address, you get to the next page to set a password, but when continuing from that page you go straight to a block page saying:
"An HTTP_REFERER was detected other than what is defined in System -> Advanced (https://192.168.1.1/wizard.php?xml=setup_wizard.xml). If not needed, this check can be disabled in System -> Advanced -> Admin."
The user is then locked out of the system, they will not get a proper IP from DHCP, and the new password they set won't work. The only thing you can do is unplug power from the pfsense appliance, or connect to it via console to reboot it so that the changes are applied.
After reboot it seems to be fine.
Confirmed with 2.4.3-p1
Files
- Category set to Web Interface
- Assignee set to Jim Pingle
- Priority changed from High to Normal
- Target version set to 2.4.4
- Affected Architecture All added
- Affected Architecture deleted (
)
I can replicate this now, not sure why it didn't happen to me before. It happens in the wizard when run from the LAN side because once past the LAN IP address screen of the wizard, get_configured_ip_addresses()
returns the new address but the new address is not yet on the interface.
I have a fix, will push shortly.
- Status changed from New to Feedback
- % Done changed from 0 to 100
- Status changed from Feedback to Resolved
Just to confirm, will this commit also fix the same issue when changing the LAN IP in the web configurator (not just when using the setup wizard)?
This issue is only for the wizard, and the fix applies only to the wizard. I'm not aware of another way to trigger this reliably. If you have such a case, please post to the forum or pfSense subreddit with details so it can be discussed and confirmed.
OK, should I log it under hardware (since this is on a netgate appliance vs. a CE image running on my own hardware)?
I can reliably reproduce it by just changing the LAN IP in the Admin Web UI. I get the same error when trying to load pages on the UI and this via the console & shell:
lagg0.4091: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
ether 00:08:xx:xx:xx:xx
inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
inet6 fe80::1:1%lagg0.4091 prefixlen 64 scopeid 0x15
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet autoselect
status: active
vlan: 4091 vlanpcp: 0 parent interface: lagg0
groups: vlan
That wouldn't be a problem specific to Netgate hardware. Post that on the forum and someone can take a deeper look and try to reproduce it. This specific issue with the wizard is resolved, so I don't want to get a separate issue confused here.
Also available in: Atom
PDF