Netgate 8200 - Firewall URL Table Alias not working
-
Attempting to add Firewall URL Table Alias yields the following unexpected error:
Fatal error: Uncaught Error: Call to undefined function isURL() in /etc/inc/pfsense-utils.inc:2724 Stack trace: #0 /usr/local/pfSense/include/www/alias-utils.inc(333): process_alias_urltable('DShield_Block_L...', 'urltable', 'https://feeds.d...', 0, true, true) #1 /usr/local/www/firewall_aliases_edit.php(157): saveAlias(Array, NULL) #2 {main} thrown in /etc/inc/pfsense-utils.inc on line 2724 PHP ERROR: Type: 1, File: /etc/inc/pfsense-utils.inc, Line: 2724, Message: Uncaught Error: Call to undefined function isURL() in /etc/inc/pfsense-utils.inc:2724 Stack trace: #0 /usr/local/pfSense/include/www/alias-utils.inc(333): process_alias_urltable('DShield_Block_L...', 'urltable', 'https://feeds.d...', 0, true, true) #1 /usr/local/www/firewall_aliases_edit.php(157): saveAlias(Array, NULL) #2 {main} thrown
Netgate 8200
22.05.1-RELEASE (amd64)
built on Tue Dec 06 15:43:24 UTC 2022
FreeBSD 12.3-STABLESteps to reproduce the error:
- Login to pfSense following fresh reboot.
- Select Firewall > Aliases
- Select URLs then +Add.
- Enter name, e.g., DShield_Block_List
- Enter description, e.g., DShield.org Recommended Block List
- Select Type of URL Table (IPs)
- Enter URL Table, e.g., https://feeds.dshield.org/block.txt or any other URL
- Enter optional Description.
- Click Save
pfSense Diagnostic/Crash Reporter:
Crash report begins. Anonymous machine information:
amd64
12.3-STABLE
FreeBSD 12.3-STABLE plus-RELENG_22_05_1-n202703-4681fa64aea pfSenseCrash report details:
PHP Errors:
[30-Dec-2022 12:34:48 US/Central] PHP Fatal error: Uncaught Error: Call to undefined function isURL() in /etc/inc/pfsense-utils.inc:2724
Stack trace:
#0 /usr/local/pfSense/include/www/alias-utils.inc(333): process_alias_urltable('DShield_Block_L...', 'urltable', 'https://feeds.d...', 0, true, true)
#1 /usr/local/www/firewall_aliases_edit.php(157): saveAlias(Array, NULL)
#2 {main}
thrown in /etc/inc/pfsense-utils.inc on line 2724
[30-Dec-2022 12:36:43 US/Central] PHP Fatal error: Uncaught Error: Call to undefined function isURL() in /etc/inc/pfsense-utils.inc:2724
Stack trace:
#0 /usr/local/pfSense/include/www/alias-utils.inc(333): process_alias_urltable('DShield', 'urltable', 'https://feeds.d...', 0, true, true)
#1 /usr/local/www/firewall_aliases_edit.php(157): saveAlias(Array, NULL)
#2 {main}
thrown in /etc/inc/pfsense-utils.inc on line 2724
[30-Dec-2022 16:46:34 US/Central] PHP Fatal error: Uncaught Error: Call to undefined function isURL() in /etc/inc/pfsense-utils.inc:2724
Stack trace:
#0 /usr/local/pfSense/include/www/alias-utils.inc(333): process_alias_urltable('DShield', 'urltable', 'https://feeds.d...', 0, true, true)
#1 /usr/local/www/firewall_aliases_edit.php(157): saveAlias(Array, NULL)
#2 {main}
thrown in /etc/inc/pfsense-utils.inc on line 2724
[30-Dec-2022 16:51:19 US/Central] PHP Fatal error: Uncaught Error: Call to undefined function isURL() in /etc/inc/pfsense-utils.inc:2724
Stack trace:
#0 /usr/local/pfSense/include/www/alias-utils.inc(333): process_alias_urltable('DShield_Block_L...', 'urltable', 'https://feeds.d...', 0, true, true)
#1 /usr/local/www/firewall_aliases_edit.php(157): saveAlias(Array, NULL)
#2 {main}
thrown in /etc/inc/pfsense-utils.inc on line 2724No FreeBSD crash data found.
-
@rstx On 22.05 I get no crash, but I get error:
"The following input errors were detected:
A valid URL must be provided. Could not fetch usable data from 'https://feeds.dshield.org/block.txt'."Per https://docs.netgate.com/pfsense/en/latest/firewall/aliases.html#url-aliases "If URL (IPs) is selected, then the URLs must contain IP address or CIDR masked network entries" and that feed has a start and end IP as well as several other columns.
Possibly helpful, pfBlockerNG-devel has that feed under the ISC_Block name. You could use Alias Native to create an alias with that.
Is 22.05.1 not a general release? (I don't have an 8200...)
-
The 22.05.1 Release is for the new Intel i226 Driver.
-
@steveits I know there are other columns in that file but perhaps I should have mentioned that I also have a Netgate 1100 running 22.05 and I have URL aliases defined on it, including the example above, without issue.
However, DShield was the only URL that I tried before moving on to other things. Other firewall rules I looked at this morning list only single IPs and work fine with URL Aliases such as https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt.
-
I just upgraded a 6100 to 8200. I'm seeing the same issue on the 8200. Never once saw it on the 6100.
-
@cylosoft one of you should open a bug report at http://redmine.pfsense.org/
-
@steveits or a post in https://forum.netgate.com/category/62/pfblockerng since this is likely an issue with the DEVEL release.
-
@steveits said in Netgate 8200 - Firewall URL Table Alias not working:
Is 22.05.1 not a general release? (I don't have an 8200...)
Correct. Just for the updated versions of the 6100 and 8200 models.
-
It's been fixed on 23.01 - see here:
c239afac1763951eacefc1dbc59ad04f9d319b91In the meantime, you may apply the following patch:
diff --git a/src/etc/inc/pfsense-utils.inc b/src/etc/inc/pfsense-utils.inc index 3ab9feb173..8e427581f4 100644 --- a/src/etc/inc/pfsense-utils.inc +++ b/src/etc/inc/pfsense-utils.inc @@ -2721,7 +2721,7 @@ function pfs_version_compare($cur_time, $cur_text, $remote) { function process_alias_urltable($name, $type, $url, $freq, $forceupdate=false, $validateonly=false) { global $g, $config; - if (!is_validaliasname($name) || !isURL($url)) { + if (!is_validaliasname($name) || !filter_var($url, FILTER_VALIDATE_URL)) { return false; } -
J jimp moved this topic from Problems Installing or Upgrading pfSense Software on
-
There's now a commit ID for this specifically:
https://github.com/pfsense/pfsense/commit/208134113d92d809d4f0e686f3817274854ff264 -
@marcosm how do I install this fix on my 8200?
-
@motivio the System Patches package:
https://docs.netgate.com/pfsense/en/latest/development/system-patches.html
