Text only | Text with Images

OPNsense Forum

Archive => 21.7 Legacy Series => Topic started by: strangelaw on September 12, 2021, 02:04:08 PM

Title: Valid CIDR ranges on OpenVPN config
Post by: strangelaw on September 12, 2021, 02:04:08 PM
Most likely related to:

openvpn: check IPv4 tunnel prefix (contributed by kulikov-a)
openvpn: simplify CIDR validation and remove trim() usage

Symptoms:

Adding additional Remote IPv4 network on client configuration is not allowed. Example: Adding network '10.10.0.0/24' with original 192.168.1.0/24 is not allowed/gets invalidated.

The whole string is 192.168.1.0/24, 10.10.0.0/24

Error message is like "...may only contain valid IPv4 ranges separated by commas".

First CIDR range works, additional causes error. Version packaged w/OpenVPN is 21.7.2_1 amd.

OpenVPN is 2.5.3 installed w/opnsense ui.
Title: Re: Valid CIDR ranges on OpenVPN config
Post by: strangelaw on September 12, 2021, 02:23:51 PM
...and it seems this is truly caused by ghost spaces somehow left to field when adding those CIDRs. Suggestion to allow spaces due standard ui use behavior :) - all good.
Title: Re: Valid CIDR ranges on OpenVPN config
Post by: nic37 on September 13, 2021, 10:04:53 PM
Thank you very much. I had a similar problem and would also strongly vote for allowing spaces again.
Title: Re: Valid CIDR ranges on OpenVPN config
Post by: franco on September 14, 2021, 07:52:39 AM
Quote from: strangelaw on September 12, 2021, 02:23:51 PM
Suggestion to allow spaces due standard ui use behavior :)

The point of the patch in 21.7.2 was to deny spaces in the configuration so that IP addresses / subnets given can be properly validated and don't reach the OpenVPN in a "dirty" state.

The spaces were previously allowed and rendered in the config.xml which is suboptimal for future work in this area.


Cheers,
Franco
Text only | Text with Images