Alias error

cjohnson

I'm running the latest 2.7.2.

Whenever I attempt to add an alias (Firewall > Aliases > Edit) with a Type of "Hosts(s)" in the webUI utilizing a single host IP, CIDR, or range of IPs; I consistently get.....

The following input errors were detected:

   is not a valid host address, FQDN or alias.

Isn't the "is not a valid...." part of that usually prepended with an IP/IPs?
A few simple examples I've tried..
"192.200.0.210"
"192.200.0.210/32"
"192.200.0.210-192.200.0.230"
These IPs are alive and well on my network.

What am I doing wrong here?

patient0

@cjohnson That indeed looks alright. I assume you don't add the quotes to the IP, yes?

What is a bit odd it that if I enter an IP with let's say the quotes it tells me where the error is, like:

The following input errors were detected:

    "192.200.0.210" is not a valid host address, FQDN or alias.

Have you by any chance added an empty "IP or FQDN" line with a space in it? If I do that I see:

The following input errors were detected:

    is not a valid host address, FQDN or alias.

cjohnson

@patient0 said in Alias error:

I assume you don't add the quotes to the IP, yes?

Correct.
Firewall > Aliases > (IP tab is selected) Click the "Add" button.
Populate the "Name" Field with this exactly --> TestALIAS
Populate the "Description" Field with this exactly --> testDESCRIPTION
Change the "Type" drop-down to this exactly --> Host(s)
Within the row labelled "IP or FQDN", populate the 1st box with this exactly --> 10.200.0.210
(The 1st box contains exactly twelve characters, I've ensure there are no leading, or trailing spaces)
Within the row labelled "IP or FQDN", populate the 2nd box with this exactly --> testHOSTIPdesc

Final Step: Click the "Save" button.
Then I see this.......

I've also tried this using "Bulk Import Network Aliases" per the Netgate Docs site.
Going that route creates the Alias for me however, with zero IPs contained within it.

patient0

@cjohnson mmmh, looks all correct indeed. Have you tried a different browser? Or a private window in your browser. Maybe some extension is blocking something and your input is lost when you press 'Save'.

cjohnson

@patient0

Yes. I've tried different browsers and private tabs. I've also ensured that I have no extensions enabled.

Is there someway to do this through the CLI somehow?

johnpoz

@cjohnson not sure what your wanting to accomplish but in your second shot I don't see an IP..

As mentioned is something removing that when you go to click save?

I have no issue creating such an alias.

cjohnson

@johnpoz said in Alias error:

not sure what your wanting to accomplish but in your second shot I don't see an IP..

I'm merely attempting to add an alias.
What you've pointed out there is exactly the problem I'm chasing.

The only action taken in between the point in time where I populated the fields as shown within the 1st screenshot, and the point in time where I grabbed the second screenshot was....

So, timeline-wise...
---All fields populated with "TestALIAS" and IPs etc...then.....

"Final Step: Click the "Save" button.
Then I see this......."

---Second Screenshot Taken--

In short.... I fill all of the fields correctly and hit "Save".
Somehow, someway; for whatever the reason... something happens in between those two actions wherein my form data doesn't make it's way to the pfSense box, or the form data doesn't get parsed correctly...or...maybe getting munged in transit.....something like that. I don't know.

At this point I'm not sure what to do next to figure out where things are breaking down.

ahking19

@cjohnson as a workaround do you have any previous existing aliases that you can use the "copy alias" action and then go back in and edit?

johnpoz

@cjohnson sounds like a browser issue to me. have you tried different browser

cjohnson

@ahking19

No. Unfortunately not on this server, no.
This is the first and only one on this box.

I had considered some other hackery like possibly using a totally different box to see what alterations end up in the config.xml and/or adding them manually and loading them into another box etc etc........

@johnpoz
yes. that was something else that I've tried as well.
see my reply just prior to you first entry into this thread that was directed towards patient0...

Yes. I've tried different browsers and private tabs. I've also ensured that I have no extensions enabled.

patient0

@cjohnson Can you create any other type of aliases? If yes, I'd try create one of another type, save it, edit and change to type host.

Or if you got another pfSense instance create it/them there, export them (via Backup&Diag) and import only the aliases (Restore > Aliases).
Important to note is that the aliases import replaces all existing alias with the once in the file. It does not merge with existing aliases!

If you feel adventures (is it a PROD system?) and know vi you can edit the config XML directly using viconfig (see doc here) on the command line. This uses the vi editor to edit the config in-place.

The structure is:

<aliases>
	<alias>
		<name>testALIAS</name>
		<type>host</type>
		<address>10.200.0.210</address>
		<descr><![CDATA[testDESCRIPTION]]></descr>
		<detail><![CDATA[testHOSTIPdescription]]></detail>
	</alias>
</aliases>

Beside: Is there something else out of the ordinary how you access the pfSense GUI? Via WAN, via a proxy, web caching server, ssh tunnel, VPN? What OS and language?

cjohnson

@patient0

attempts to add a single port alias containing a single port definition fails with...

The following input errors were detected:

<bulletpointHERE>    is not a valid port or alias.

URL type aliases behave the same way.

yes, this is a prod box. i have two others that are not though.
i'm going to reserve the vi route for a last resort. i'm about to try the create/export/import thing you've mentioned now.

as far as the "out of the ordinary" item.... no. i'm trying this directly from a PC attached through a switch to one of the internal facing NICs.
OS is (among others i've tried including windows 11) Mint 21.3 with english, US.

cjohnson

OK.This is strange.

I can sucessfully use the "Import" button (which takes me to the "Bulk Import" page) on the main "Aliases" page to then create the alias with a range of IPs (using the "Aliases to Import" box on the subsequent page) how I want them.

If I attempt to import an exported alias XML from another box where I've created the alias how I attempted to do so to begin with, it doesn't quite work correctly.

If I then attempt to edit what I have there....

Any attempts to populate one or more of the address boxes (left column) there then save it, I get a similar looking "is not a valid host address" error as before. There's a very slight difference this time though. If i populate all three of those "testX" rows that you see in that screenshot, then try to save it... the error shows like this

So, there's for sure something jacked up with the parsing of the data once it gets into the box.
This rules out the "is my data getting munged before it even gets to the box" question.