If not for this, open sense would have been the best budget router out there

[Jyling]

If not for this field, open sense would have been the best budget router out there, bar none:

You cannot view this attachment.

This is the result of copying/pasting a list of subnets (ex: from the rules screen or other sources)
On top of this, the current component does not truncate leading/trailing spaces and includes them in the generated sub-component, which results in further errors even when copy/pasting the subnets one by one. This is a gigantic productivity killer. A clear-cut case in favor of KISS principle.

Could the developers consider converting this field into a plain multiline text box and doing basic deduplication upon save instead of the component that it's currently is?

[Patrick M. Hausen]

You can paste a comma separated list of networks/hosts/whatever in these multi value fields. Prepare with a shell one-liner or your favourite text editor.

[Jyling]

You can paste a comma separated list of networks/hosts/whatever in these multi value fields. Prepare with a shell one-liner or your favourite text editor.

Thanks a lot for this tip, but speaking of the component itself it's one hell of a counter-intuitive solution, especially that there is no help for the field. An added step of adding commas to the lists is not such a big deal but still extra work. Were this a simple text field, it would have been much more user-friendly.

[Jyling]

Having to spend another day adjusting aliases and FW rules, and there are not enough words to express how much of an annoyance this control is.
It breaks input of IP/subnet if tab is switched in the browser. Has to be deleted and restarted from scratch.
It is not editable once entered.
It does not support clipboard copy/paste of individual items.

Ideally, this should be a plain-text box that supports 1x IP/subnet per line, with Linux conf or shell script-style comments (with # or ; separator), and here's why:
When one adds a host or subnet to the list of pass/block alias, a comment is often necessary to explain the reason for it, i.e. spammer, hacker, partner, vendor, etc, often with other pertinent info.

As it is, the current control is a gigantic annoyance and pain point. Our admin team curses it every time we have to use it.
Just change it to be plain text and keep but adjust the deduplication code. This is all that a router admin needs.

In a perfect world, broader subnets should also deduplicate and eliminate narrower ones, but this is totally optional.

Please consider this for your next releases.

[Monviech (Cedrik)]

It already has the text field. It depends on the release you use.

https://github.com/opnsense/core/issues/8672

This should be in the latest community and business releases.

https://forum.opnsense.org/index.php?topic=48380.0
o firewall: align alias tokenizer options with the ones in our base template

[franco]

Yes, it's in 25.1.8 (June 12, 2025) and 25.4.2 (August 6, 2025), respectively.


Cheers,
Franco

[OPNenthu]

Thank you Ad & team for adding this.  It's been a great help.

[Greg_E]

I do find it odd that a large number of people do indeed consider this the best (budget or not) router for them. The "the whole thing is garbage" because of one task that you need to handle the long way around is nonsense. If it didn't route, that would be a deal killer, but so many of the features work in a simple way that calling the entire OS worthless because of your issue is not productive.

[Jyling]

Yes, it's in 25.1.8 (June 12, 2025) and 25.4.2 (August 6, 2025), respectively.


Cheers,
Franco

Great news!
Maybe eventually we will catch up, but it will be a project, not something that I can simply flip a switch on.

[franco]

That's understandable.

Just FYI topics like these are great when voiced, especially through GitHub issues. Reaction times are just much quicker, even when already fixed, but it certainly makes the end result much better.

Soo... thanks!


Cheers,
Franco