Good morning,
As shown in the documentation here: https://docs.opnsense.org/manual/aliases.html#hosts (https://docs.opnsense.org/manual/aliases.html#hosts)
It should be possible to set a Host(s) alias to an IP range. After installing from OPNsense-22.1.2-OpenSSL-dvd-amd64.iso I was able to do so. However since updating OPNsense to version 22.1.6, it will no longer let me do this. When I enter an IP range, it says:
Quote"Entry "xx.xx.xx.xx-xx.xx.xx.xx" is not a valid hostname or IP address."
Even if I go to the alias I had previously configured, remove and re-enter the exact IP range, and hit save, I get this error now.
It works when you enter 192.168.7.1-8, but not for 192.168.7.1-192.168.7.8.
You should open an issue on github.
Seems to be a bug, probably from having to extend host validation to accommodate for Unbound implementation quirks. Taking a closer look now.
Cheers,
Franco
It works for network(s) and nothing was changed there in a long time. I wonder if the documentation is wrong and nobody caught it?
Cheers,
Franco
I can confirm it works for hosts and networks on
21.7.8
for Hosts and Networks
test Host(s) 10.0.0.1-10.0.0.10 5 2022-04-20T08:52:26.845698
test2 Network(s) 10.0.0.1-10.0.0.10 5 2022-04-20T08:52:53.563361
on 22.1.6
I get the error for a host alias w/ range
Entry "10.0.0.1-10.0.0.10" is not a valid hostname or IP address.
Network alias works as expected ...
https://docs.opnsense.org/manual/aliases.html#hosts
QuoteHosts can be entered as a single IP address, a range (separated with a minus sign, e.g. 10.0.0.1-10.0.0.10) or a fully qualified domain name.
https://docs.opnsense.org/manual/aliases.html#networks
Here the range syntax using a minus sign is not documented.
Please raise an issue on GitHub so it's not forgotten. The file in question holding the validation hasn't been changed since December 2021:
https://github.com/opnsense/core/commits/master/src/opnsense/mvc/app/models/OPNsense/Firewall/FieldTypes/AliasContentField.php
Currently the assumption is 22.1.2 - 22.1.6. If that could be narrowed down further that would be helpful.
Cheers,
Franco
QuoteCurrently the assumption is 22.1.2 - 22.1.6. If that could be narrowed down further that would be helpful.
I'll try to do some kind of "version bisecting" ...
github issue:
https://github.com/opnsense/core/issues/5723
Versions and test results:
22.1.2_1 | OK |
22.1.3 | OK |
22.1.4_1 | ERROR |
22.1.5 | ERROR |
22.1.6 | ERROR |
just for the record here ...
code in question identified by the opnsense team.
see: https://github.com/opnsense/core/issues/5723#issuecomment-1103627045
-
-