Hi,
I'm running OPNsense 21.7.7-amd64
In older versions, I was able to do what I'm about to describe below.
In order to help protect a network, I've created a blocking rule for many countries, but had issues with some Microsoft web sites, so I created an allow rule for all Microsoft IPs that can be downloaded here:
https://www.microsoft.com/en-us/download/details.aspx?id=53602
With some tweaking of the list, I had created an alias list of all Microsoft IPs, and added a rule in the firewall to allow those IPs ignoring if they are in a blocked country.
But, in this new version (OPNsense 21.7.7-amd64) I'm trying to add those same IPs to an alias list, and I get a message like this:
"4.128.0.0/12 is not a valid hostname or IP address"
for all the addresses that I add.
I tried manually adding 192.168.1.0/24 to test, and it works. But if I add the first address in the Microsoft ip list manually, it gives me the message above. ("4.128.0.0/12 is not a valid hostname or IP address")
I tried others at random, and have the same error.
What gives?
X.X.X.X/X is a normal network nomenclature, and should work.
What can I do?
Regards,
Max
4.128.0.0/12 should be placed in Network(s) type Alias? ;)
Yes, and this is exactly what I did.
Type: Network(s)
Content:
192.168.1.0/24 (this works)
4.128.0.0/12 (this is accepted in the list, but shows an error when saving)
Here's an example:
https://imgur.com/AFScp4M
After fiddling some more, it seems to fail as soon as I add a second address.
ie: if I add just 10 addresses, it fails, then if I delete 9 of them, it accepts it.
the list I use is as follow: I select it, and copy/paste in the content field.
4.128.0.0/12,
4.144.0.0/12,
4.160.0.0/12,
4.176.0.0/12,
4.192.0.0/12,
4.208.0.0/12,
4.224.0.0/12,
4.240.0.0/12,
13.64.0.0/11,
13.96.0.0/13,
13.104.0.0/14,
20.0.0.0/11
Looks like the GUI doesn't like the newline character and appends it to the next entry. Try this instead:
4.128.0.0/12,4.144.0.0/12,4.160.0.0/12,4.176.0.0/12,4.192.0.0/12,4.208.0.0/12,4.224.0.0/12,4.240.0.0/12,13.64.0.0/11,13.96.0.0/13,13.104.0.0/14,20.0.0.0/11
Cheers,
Franco
from what i see in lmgur - you have white spaces in front of each entry
if i just copy/paste whole list from you post - all works fine
Might be windows style newlines messing with this?
Cheers,
Franco
or with "With some tweaking of the list" ;)
quick tested with .csv downloading from M$ link, import in Excel and copy/paste whole "Prefix" column in Alias (win10). Works fine.
remembering the ticket with the cert insertion, it may be the case in the browser? but for some reason I think that the matter is in the preparation of the data
It seems that entering all the IP's from a single line works fine.
Pasting them from excel adds them directly from Excel creates a single entry of all the addresses, so that doesn't work.
thanks you all for you help.
glad it works
QuotePasting them from excel adds them directly from Excel creates a single entry of all the addresses
only if you open csv files as is (or pasting with Ctrl-V?). if you add csv file as a data with ',' as a sepataror it will produce a column. selecting range from column and pasting it in the field with a Paste button works well for me