Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Failed validation for proxy destination bypass #6069

Closed
DavidePrincipi opened this issue Feb 21, 2020 · 7 comments
Closed

Failed validation for proxy destination bypass #6069

DavidePrincipi opened this issue Feb 21, 2020 · 7 comments
Labels
bug A defect of the software verified All test cases were verified successfully
Projects
NethServer 7

Comments

@DavidePrincipi
Copy link
Member

DavidePrincipi commented Feb 21, 2020
edited

A bypass rule based on the destination domain cannot be created or modified (if already exists) from the Cockpit UI if there is a VPN roadwarrior DHCP reservation.

Steps to reproduce

  • Install VPN and configure a VPN roadwarrior account, specifying a Reserved IP field
  • Go to Web Proxy & Filter > Bypass > Destination > Add destination (or Edit an existing one)
  • Enter "www.example.com"

Expected behavior

The bypass rule is saved

Actual behavior

Validator fails. The same does not happen with Nethgui

image

Components

  • nethserver-vpn-ui-1.2.9-1.ns7.noarch
  • nethserver-openvpn-1.9.1-1.ns7.noarch
  • nethserver-cockpit-1.4.3-1.ns7.noarch
@DavidePrincipi DavidePrincipi added the bug A defect of the software label Feb 21, 2020
@DavidePrincipi DavidePrincipi added this to ✋ Needs review in NethServer 7 via automation Feb 21, 2020
@edospadoni
Copy link
Member

edospadoni commented Feb 24, 2020
edited

Can't reproduce the issue.

  • Go to Web Proxy & Filter > Bypass > Destination > Add destination (or Edit an existing one)
  • Enter "www.example.com"

Actual behavior
The bypass rule is saved

RPM installed: nethserver-squid-1.10.6-1.ns7.noarch

@DavidePrincipi
Copy link
Member Author

DavidePrincipi commented Feb 25, 2020
edited

@edospadoni I fixed the bug description, adding a VPN roadwarrior account with IP reservation.

This is my hosts DB:

[root@vm5 ~]# db hosts show
vpn-rw-vpnaccount=host
    IpAddress=192.168.122.89

The UI console throws some errors about Description undefined.

TypeError: "e.Description is undefined"
    cockpit localhost/nethserver-squid/js/app.d0712773.js:1
    cockpit localhost/nethserver-squid/js/app.d0712773.js:1
    cockpit localhost/nethserver-squid/js/chunk-vendors.8d470f53.js:84
    cockpit localhost/nethserver-squid/js/chunk-vendors.8d470f53.js:84
    cockpit localhost/nethserver-squid/js/chunk-vendors.8d470f53.js:17
    cockpit localhost/nethserver-squid/js/chunk-vendors.8d470f53.js:17
    cockpit localhost/nethserver-squid/js/chunk-vendors.8d470f53.js:17
    cockpit localhost/nethserver-squid/js/chunk-vendors.8d470f53.js:17
vue.runtime.esm.js:1888

@federicoballarini
Copy link
Member

I can reproduce this issue also without vpn reserved ip address.
I think the problem is here: https://github.com/NethServer/nethserver-squid/blob/master/api/proxy/validate#L73

We are trying to validate a bypass domain on hosts db. But bypass domains aren't in hosts db, but in fwrules one. Am I wrong?

@edospadoni edospadoni mentioned this issue Mar 2, 2020
Merged
@edospadoni
Copy link
Member

edospadoni commented Mar 2, 2020
edited

It's a UI problem. If the field Description doesn't exists, the toLowerCase() function trigger an error that send to the API an empty field, so the validation receive a not valid value.

Can you try again @DavidePrincipi ?

@DavidePrincipi
Copy link
Member Author

DavidePrincipi commented Mar 2, 2020
edited

VERIFIED

Can you try again @DavidePrincipi ?

The issue is no more reproducible with the proposed patch

@DavidePrincipi DavidePrincipi added the verified All test cases were verified successfully label Mar 2, 2020
DavidePrincipi pushed a commit to NethServer/nethserver-squid that referenced this issue Mar 2, 2020
@edospadoni
ui. fix missing field validation (#54)
8afc598 
NethServer/dev#6069
@nethbot
Copy link
Member

nethbot commented Mar 2, 2020

in 7.7.1908/testing:

@DavidePrincipi DavidePrincipi moved this from ✋ Needs review to ⚙ Developing in NethServer 7 Mar 2, 2020
@nethbot
Copy link
Member

nethbot commented Mar 2, 2020

in 7.7.1908/updates:

NethServer 7 automation moved this from ⚙ Developing to 🗑 Done Mar 2, 2020
@gsanchietti gsanchietti mentioned this issue Mar 26, 2020
Merged
gsanchietti added a commit to NethServer/nethserver-ipsec-tunnels that referenced this issue Mar 26, 2020
@gsanchietti
Force left to %defaultroute for DHCP (#11)
83e7c73 
Do not use the IP if the newtwork interface is configured with DHCP.
Previous code would use dirty IP value if the red interface was changed
from static to dynamic.

NethServer/dev#6069
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug A defect of the software verified All test cases were verified successfully
Projects
No open projects
NethServer 7
🗑 Done
Milestone
No milestone
Development

No branches or pull requests
4 participants
@DavidePrincipi @edospadoni @federicoballarini @nethbot