Alias creation issue with network IP and range

[max.pelletier]

Hi,
I'm running OPNsense 21.7.7-amd64

In older versions, I was able to do what I'm about to describe below.

In order to help protect a network, I've created a blocking rule for many countries, but had issues with some Microsoft web sites, so I created an allow rule for all Microsoft IPs that can be downloaded here:
https://www.microsoft.com/en-us/download/details.aspx?id=53602

With some tweaking of the list, I had created an alias list of all Microsoft IPs, and added a rule in the firewall to allow those IPs ignoring if they are in a blocked country.

But, in this new version (OPNsense 21.7.7-amd64) I'm trying to add those same IPs to an alias list, and I get a message like this:
"4.128.0.0/12 is not a valid hostname or IP address"
for all the addresses that I add.

I tried manually adding 192.168.1.0/24 to test, and it works. But if I add the first address in the Microsoft ip list manually, it gives me the message above. ("4.128.0.0/12 is not a valid hostname or IP address")

I tried others at random, and have the same error.
What gives?
X.X.X.X/X is a normal network nomenclature, and should work.

What can I do?

Regards,
Max

[Fright]

4.128.0.0/12 should be placed in Network(s) type Alias? 

[max.pelletier]

Yes, and this is exactly what I did.

Type:   Network(s)

Content:

192.168.1.0/24   (this works)
4.128.0.0/12     (this is accepted in the list, but shows an error when saving)


Here's an example:
https://imgur.com/AFScp4M

[max.pelletier]

After fiddling some more, it seems to fail as soon as I add a second address.
ie: if I add just 10 addresses, it fails, then if I delete 9 of them, it accepts it.

the list I use is as follow:  I select it, and copy/paste in the content field.

4.128.0.0/12,
4.144.0.0/12,
4.160.0.0/12,
4.176.0.0/12,
4.192.0.0/12,
4.208.0.0/12,
4.224.0.0/12,
4.240.0.0/12,
13.64.0.0/11,
13.96.0.0/13,
13.104.0.0/14,
20.0.0.0/11

[franco]

Looks like the GUI doesn't like the newline character and appends it to the next entry. Try this instead:

4.128.0.0/12,4.144.0.0/12,4.160.0.0/12,4.176.0.0/12,4.192.0.0/12,4.208.0.0/12,4.224.0.0/12,4.240.0.0/12,13.64.0.0/11,13.96.0.0/13,13.104.0.0/14,20.0.0.0/11


Cheers,
Franco

[Fright]

from what i see in lmgur - you have white spaces in front of each entry
if i just copy/paste whole list from you post - all works fine

[franco]

Might be windows style newlines messing with this?


Cheers,
Franco

[Fright]

or with "With some tweaking of the list" 
quick tested with .csv downloading from M$ link, import in Excel and copy/paste whole  "Prefix" column in Alias (win10). Works fine.
remembering the ticket with the cert insertion, it may be the case in the browser? but for some reason I think that the matter is in the preparation of the data

[max.pelletier]

It seems that entering all the IP's from a single line works fine.

Pasting them from excel adds them directly from Excel creates a single entry of all the addresses, so that doesn't work.

thanks you all for you help.

[Fright]

glad it works

Pasting them from excel adds them directly from Excel creates a single entry of all the addresses

only if you open csv files as is (or pasting with Ctrl-V?). if you add csv file as a data with ',' as a sepataror it will produce a column. selecting range from column and pasting it in the field with a Paste button works well for me