Page MenuHomeVyOS Platform

Firewall group configuration allows to set incorrect port range and invalid port
Needs testing, Requires assessmentPublicBUG

Description

In this example first port is greater than the last port

set firewall group port-group PORTGRP port '25-1'

Expected validation, for example:

vyos@r4# set firewall group port-group PGRP port 25-1

  Error: [25-1] is not a valid port range
  
  Value validation failed

Also it allows to set out of port range value:

set firewall group port-group PORTGRP port 70000

Details

Difficulty level
Unknown (require assessment)
Version
VyOS 1.4-rolling-202201020317
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Event Timeline

Viacheslav renamed this task from Firewall group configuration allows incorrect port range to Firewall group configuration allows to set incorrect port range and invalid port.Tue, Jan 4, 12:10 PM
Viacheslav updated the task description. (Show Details)
sdev changed the task status from Open to Needs testing.Mon, Jan 10, 9:02 PM
sdev claimed this task.
sdev added a subscriber: sdev.