search

NethServer / nethsecurity

NethSecurity image and build environment
https://www.nethsecurity.org/
Other
98 stars 6 forks source link

MultiWAN: maximum policy length #556

Closed gsanchietti closed 4 months ago

gsanchietti commented 4 months ago

Description

The name of the policies in MultiWAN must be limited to a maximum of 15 characters, otherwise nft cannot handle it.

Steps to reproduce

  1. Create a MultiWAN policy with a name exceeding 15 characters.
  2. Apply the policy and observe the system logs.

Expected behavior

MultiWAN policies should be applied without errors if the policy names are within the character limit.

Actual behavior

Policies with names longer than 15 characters cause errors in the logs and are not set properly.

Evidence

Error in the log:

May 29 16:51:30 fw mwan3-init[7679]: Policy ns_priority_eolo exceeds max of 15 chars. Not setting policy
May 29 16:51:30 fw mwan3-init[7679]: set_user_rules (ipv4): iptables-restore v1.8.8 (legacy): chain name `mwan3_policy_ns_priority_eolo' too long (must be under 29 chars)#012Error occurred at line: 4#012Try `iptables-restore -h' or 'iptables-restore --help' for more information.

Components

NethSecurity version: 8-23.05.3-ns.1.0.0

gsanchietti commented 4 months ago

Test image: 23.05.3-ns.1.0.0-25-g223efac

The fix is only at backend. The UI will be updated later to display the translated error.

gsanchietti commented 4 months ago

Verified also the UI part