Reply
Member
Posts: 242
Registered: ‎09-15-2014
Kudos: 46
Solutions: 2

Unable to delete address group entries with leading whitespace

Hi,

 

it seems that some IP addresses which I've entered via the GUI for a firewall address group seems to have had a leading whitespace (I've copied them):

 

admin@router# show firewall group address-group US-Routed 
 address 208.65.153.238
 address " 208.65.153.251"
 address " 208.65.153.253"
 address " 208.117.236.69"
 description "Wird ueber US-VPN geroutet"

The problem is, I can't either correct this via the GUI nor via CLI :-( I can't change anything in this address group - there is always an error "unexpected member not found [ 208.65.153.251]":

 

admin@router# delete firewall group address-group US-Routed address " 208.65.153.251"
[edit]
admin@router# delete firewall group address-group US-Routed address " 208.65.153.253"
[edit]
admin@router# delete firewall group address-group US-Routed address " 208.117.236.69"
[edit]
admin@router# show firewall group address-group US-Routed
-address " 208.65.153.251"
-address " 208.65.153.253"
-address " 208.117.236.69"
 address 208.65.153.238
 description "Wird ueber US-VPN geroutet"
[edit]
admin@router# commit
[ firewall group address-group US-Routed ]
unexpected member not found [ 208.65.153.251]

Seems like a fundamental GUI/CLI bug, I'll try to go deeper and disable any rule using this group and try to delete the complete routing group then. I hope this works ...

 

 

Previous Employee
Posts: 13,551
Registered: ‎06-10-2011
Kudos: 5411
Solutions: 1657
Contributions: 2

Re: Unable to delete address group entries with leading whitespace

Yeah looks like an issue involving both the Web UI and CLI (should not allow space etc. in both places) and we'll need to address that. For now deleting the whole group (after removing its references) should work. Thanks for reporting the issue.

Previous Employee
Posts: 10,504
Registered: ‎06-09-2011
Kudos: 3069
Solutions: 945
Contributions: 16

Re: Unable to delete address group entries with leading whitespace

Yes, we need to fix this.  However I was able to delete by not adding the space.

 

ubnt@ER-Pro:~$ configure 
[edit]
ubnt@ER-Pro# set firewall group address-group FOO address " 1.1.1.1"
[edit]
ubnt@ER-Pro# commit
[edit]

ubnt@ER-Pro# sudo ipset -L FOO
Name: FOO
Type: hash:net
Revision: 3
Header: family inet hashsize 1024 maxelem 65536
Size in memory: 16792
References: 0
Members:
1.1.1.1
[edit]

ubnt@ER-Pro# show firewall group 
 address-group FOO {
     address 1.1.1.1
 }
[edit]
ubnt@ER-Pro# delete firewall group address-group FOO address 1.1.1.1
[edit]
ubnt@ER-Pro# commit
[edit]
EdgeMAX Router Software Development
Highlighted
Previous Employee
Posts: 13,551
Registered: ‎06-10-2011
Kudos: 5411
Solutions: 1657
Contributions: 2

Re: Unable to delete address group entries with leading whitespace

[ Edited ]

UBNT-stig wrote:

However I was able to delete by not adding the space.


Actually no, that's because the first entry actually gets its space removed after the set, so the first entry doesn't really have a space. Removing an entry that actually has a space still fails:

ubnt@ubnt# set firewall group address-group a address " 1.1.1.1"
[edit]
ubnt@ubnt# set firewall group address-group a address " 2.2.2.2"
[edit]
ubnt@ubnt# show firewall group 
+address-group a {
+    address 1.1.1.1
+    address " 2.2.2.2"
+}
[edit]
ubnt@ubnt#commit
[edit]
ubnt@ubnt# show firewall group
address-group a {
address 1.1.1.1
address " 2.2.2.2"
}
[edit]
ubnt@ubnt# delete firewall group address-group a address 2.2.2.2
Nothing to delete (the specified value does not exist)
[edit]
ubnt@ubnt# delete firewall group address-group a address " 2.2.2.2"
[edit]
ubnt@ubnt# commit
[ firewall group address-group a ]
unexpected member not found [ 2.2.2.2]

Commit failed
[edit]
ubnt@ubnt#

So that's actually an additional issue.

Reply