Valid CIDR ranges on OpenVPN config

Started by strangelaw, September 12, 2021, 02:04:08 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 12, 2021, 02:04:08 PM Last Edit: September 12, 2021, 02:10:00 PM by strangelaw
Most likely related to:

openvpn: check IPv4 tunnel prefix (contributed by kulikov-a)
openvpn: simplify CIDR validation and remove trim() usage

Symptoms:

Adding additional Remote IPv4 network on client configuration is not allowed. Example: Adding network '10.10.0.0/24' with original 192.168.1.0/24 is not allowed/gets invalidated.

The whole string is 192.168.1.0/24, 10.10.0.0/24

Error message is like "...may only contain valid IPv4 ranges separated by commas".

First CIDR range works, additional causes error. Version packaged w/OpenVPN is 21.7.2_1 amd.

OpenVPN is 2.5.3 installed w/opnsense ui.
September 12, 2021, 02:23:51 PM #1
...and it seems this is truly caused by ghost spaces somehow left to field when adding those CIDRs. Suggestion to allow spaces due standard ui use behavior :) - all good.
September 13, 2021, 10:04:53 PM #2
Thank you very much. I had a similar problem and would also strongly vote for allowing spaces again.
September 14, 2021, 07:52:39 AM #3
Quote from: strangelaw on September 12, 2021, 02:23:51 PM
Suggestion to allow spaces due standard ui use behavior :)

The point of the patch in 21.7.2 was to deny spaces in the configuration so that IP addresses / subnets given can be properly validated and don't reach the OpenVPN in a "dirty" state.

The spaces were previously allowed and rendered in the config.xml which is suboptimal for future work in this area.


Cheers,
Franco
Print
Go Up Pages1
User actions