easyrule block and alias not working

david_moo · Jun 9, 2024, 8:34 PM

If I type from cli:

easyrule block wan Kids_Devices
Tried to block invalid address: Kids_Devices

I get the above error.

The docs claim:

The source of traffic to block.

Can be an IPv4/IPv6 address, subnet, alias name, or special network name such as any, pppoe or l2tp.

The GUI code seems to only allow IP's and subnets.

function easyrule_parse_block($int, $src) {
	if (!empty($src) && !empty($int)) {
		$src = trim($src, "[]");
		if (!is_ipaddr($src) && !is_subnet($src)) {
			return gettext("Tried to block invalid address:") . ' ' . htmlspecialchars($src);
		}
		$int = easyrule_find_rule_interface($int);
		if ($int === false) {
			return gettext("Invalid interface for block rule.");
		}
		switch ((string)easyrule_block_host_add($src, $int)) {
			case "exists":
				return gettext("Block entry already exists.");
				break;
			case "invalid":
				return gettext("Invalid address.");
				break;
			case "1":
				return gettext("Block added successfully");
				break;
			case "":
			default:
				return gettext("Failed to create block rule, alias, or add entry.");
				break;
		}
	} else {
		return gettext("Tried to block but had no address or interface");
	}
	return gettext("Unknown block error.");
}

stephenw10 · Jun 9, 2024, 10:29 PM

Hmm, that does appear to be the case. Did you open a bug report?

Steve

david_moo · Jun 10, 2024, 12:01 AM

@stephenw10

Bug submitted..

stephenw10 · Jun 10, 2024, 12:17 AM

What's in that alias? A series of separate IPs?

david_moo · Jun 10, 2024, 12:51 AM

@stephenw10

Yes.

Kids_Devices Host(s) 10.10.10.50, 10.10.10.51, 10.10.10.52, 10.10.10.53, 10.10.10.54, 10.10.10.55, 10.10.10.56, 10.10.10.57, 10.10.10.58, 10.10.10.59…