Valid CIDR ranges on OpenVPN config

Started by strangelaw, September 12, 2021, 02:04:08 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 12, 2021, 02:04:08 PM Last Edit: September 12, 2021, 02:10:00 PM by strangelaw
Most likely related to:

openvpn: check IPv4 tunnel prefix (contributed by kulikov-a)
openvpn: simplify CIDR validation and remove trim() usage

Symptoms:

Adding additional Remote IPv4 network on client configuration is not allowed. Example: Adding network '10.10.0.0/24' with original 192.168.1.0/24 is not allowed/gets invalidated.

The whole string is 192.168.1.0/24, 10.10.0.0/24

Error message is like "...may only contain valid IPv4 ranges separated by commas".

First CIDR range works, additional causes error. Version packaged w/OpenVPN is 21.7.2_1 amd.

OpenVPN is 2.5.3 installed w/opnsense ui.
September 12, 2021, 02:23:51 PM #1
...and it seems this is truly caused by ghost spaces somehow left to field when adding those CIDRs. Suggestion to allow spaces due standard ui use behavior :) - all good.
September 13, 2021, 10:04:53 PM #2
Thank you very much. I had a similar problem and would also strongly vote for allowing spaces again.
September 14, 2021, 07:52:39 AM #3
Quote from: strangelaw on September 12, 2021, 02:23:51 PM
Suggestion to allow spaces due standard ui use behavior :)

The point of the patch in 21.7.2 was to deny spaces in the configuration so that IP addresses / subnets given can be properly validated and don't reach the OpenVPN in a "dirty" state.

The spaces were previously allowed and rendered in the config.xml which is suboptimal for future work in this area.


Cheers,
Franco
"AI has absolutely reduced the cost of creating technical debt." -- ChatGPT
Print
Go Up Pages1
User actions