Alias bugs

  • I think I found a couple of bugs. Can anyone else reproduce these?

    I just upgraded from 1.3 to beta 2.0. After the upgrade, the web gui, and even SSH was VERY slow. So I restored to factory defaults and everything was good. And then I set everything up from scratch. The only problem I had was that I would import bunch of Aliases through the web gui, and I started getting syntax errors when it tried to load it.

    I'm basically trying to block all China IP addresses. This is a list of about 1300 network ranges. In 1.3, I had to split them up into blocks of 200, resulting in about 7 aliases. So I tried to do the same thing in 2.0, and the import works fine. But then I click Edit on the alias, and try to save it, and it says:

    The following input errors were detected:

    * An alias with this name already exists.

    So I saved it with a different name, and it only saved the first approximately 65 entries. And for the last entry, it dropped the network mask.

    So is anyone else seeing the same behavior? Any ideas for a workaround in the meantime?

    I searched the 'Known Issues' Page, and this forum. The only thing that I found was a post a year ago about an Alias limit, which was supposedly fixed.

    EDIT: Forgot to mention that I am on the 3-10 build.

  • Do all of these only happen with these large aliases, or do some of these issues occur with smaller aliases as well?

  • Rebel Alliance Developer Netgate

    If you can give the specific input which resulted in the bug, so it can be reproduced, I'll take a look.

    I have been working on the Aliases editing page over the past week or so and it's possible I introduced a bug here, or it may just be a coincidence.

    You can also use the little "^" button at the bottom of the aliases list to do a bulk import if that helps.

  • Efonne: I only tried large ones. I'm pretty sure the small ones will work fine.

    Jimp: I'm using the bulk import that you are referring to. It appears to import fine. But then I click the 'Edit' button for the Alias rule, and click 'Save'(It doesn't matter if I make changes to it or not, I get the same thing). And when I click Save, it says "* An alias with this name already exists."

    So I save it with another name, and it doesn't save everything. I'll attach a txt file with the list of IP's that I'm trying to add.

    I downloaded this file from the link below:

    And I'm trying to bulk import just the first 200 lines of the text file.


  • Rebel Alliance Developer Netgate

    Ok. I'll run some tests and see what I can come up with.

    Thanks for the details.

  • Rebel Alliance Developer Netgate

    I see it cuts off at 64 when it gets that error, too. I'll open a ticket and work on this shortly.

  • Rebel Alliance Developer Netgate

    I just checked in a fix for this. It was doing a couple pretty ugly things.

  • Cool. What build will the fixes be in(I just started with the BETA builds, so I'm not sure how long it takes between a fix to a build)?

    I'll try it out once it is built.

  • Rebel Alliance Developer Netgate

    Typically it would be whatever build happens after the timestamp on the post saying it's fixed, but if a build was in process at the time, it may be the one after.

    Often, if you're on a recent snapshot, you can get away with doing a gitsync to pull in the recent code changes. However, you will want to check the repo commit logs here and here for any messages that say things might break with only a gitsync. Typically this happens if a binary was updated in some way (program update, rebuilt, etc) and not just a PHP code change.

  • OK. I finally got around to updating today. I'm still seeing the exact same problems. I am able to import it just fine(It seems anyways). But when I go to edit that alias, and save it, it says it already exists.

    So I save as a different name, and it saves, but when I go back into it, it gets cut off around the same place.

    Here's the output from the dashboard to show I'm updated.
    built on Thu Mar 18 06:10:11 EDT 2010
    FreeBSD 8.0-STABLE


  • What browser are you using for this?
    Can you paste a picture?

    I see javascript problems with long lists but nothign else.
    If your browser does not show that javascript is taking too long to run than it will look like it is not loading.

  • I'm using Firefox. And I did get the message that a script was taking too long, and I told it to continue, and the page loaded. Here's some more detail on what I did.

    1. On the Alias page(Which is empty), I click on the import button.
    2. I put in the first 500 from that list, and save it.
    3. I open up the Alias I just created.
    4. It takes about a minute to load, and I got a message from Firefox saying that a script is taking too long to run(I can't remember the name of the script, but I think it may have had the word suggest in it)
    5. Without making any changes, I clicked the save button.
    6. I get a message saying that an alias named China1 already exists. So basically you can't edit an Alias, you can only make a copy and delete the old one.
    7. So that's what I did, and named the copy China2. And it saved it without error. But when I went to go view China2, it loaded within a second or 2, and it was only showing a small portion of what I had originally put in there. And I know that the 'whole' list was loaded because the save button was there. If it was still rendering, the button wouldn't be there.

    And let me know what you need the screenshot of.

  • I fixed the cannot edit error but for the other there seems to be a limit somewhere because only the first 64 entries are POSTED so it is not an alias code problem per se.
    Not sure where the error is actually.

  • Did you notice that the network mask for the 64th entry doesn't get posted either? Could this be a limit in PHP/whatever web server pfsense is running?

    I know what for PHP on apache there are limits to the amount of data handled via a post. But the limit I'm thinking of is at least a few megabytes.

    Let me know if you need me to try anything on mine.

  • It is a suhosin module limit so will have tgo be changed.

  • Should be fixed in latest snapshots.

  • OK. It looks like it is working now.

    One thing I noticed that might need to be fixed, is that after I 'edit' the rule and save it, it goes back to the 'Aliases' screen, and has the 'Apply Changes' button. The button also shows up when I add a 'New' rule, using the '+' button.

    That 'Apply Changes' button isn't there when I add an alias using import. I'm thinking that whatever that button does, it probably needs to be there when doing an import as well, doesn't it?

    EDIT: I added all 1318 networks in that list in a single Alias rule and it worked perfectly(except for that Apply Changes button, of course). And when I clicked 'Edit' on that rule, it rendered in about 30 to 45 seconds, which is much faster than 500 took before these fixes.

    I created a Firewall rule using that Alias as well, and there are no errors.

  • Technically there shouldn't be any need to apply changes after creating a new alias, because it is impossible for it to have been assigned to something already.  It probably just shows it after using the regular add alias button because it uses the same code for editing aliases and adding new ones, except with some special cases for each.

  • OK. That's what I was thinking. So the button shouldn't appear after adding a new alias.

Log in to reply