I created a service group that had 14 regular services and one service that was a port range (81:82). After that, the firewall rule could be saved but was not created since iptables refused to do so. I do not have the exact error, but it should be easy to reproduce.
This Bug is already fixed. Just tested again with core 110. If someone adds more than 15 TCP or UDP services in a servicegroup an errormessage is displayed. Also portranges are detected (which count twice). You can close this bug
That is not what I meant here. It is that the WUI accepts to create a group with 14 single ports and one range. That totals in 15 and that is accepted from the user interface. However, that rule is not created but iptables returns an error. Please create that thing and run firewallctrl to reload rules on the console.
still open?
(In reply to Alexander Marx from comment #3) > still open? Well if it wasn't fixed anywhere it is :)
Well, i am not able to create a testrule with 14 single ports and a portrange. If i enter "1,2,3,4,5,6,7,8,9,10" i am not able to enter additional values. so i think it is impossible to create such a rule
Has the limit been decreased at some point?
I am setting this back to ASSIGNED, since I was unable to trace any patches or commits back to this. If there were any, please mention them here.
Fix has been sent to the development mailing list. https://patchwork.ipfire.org/project/ipfire/patch/20210715100737.3733-1-stefan.schantl@ipfire.org/
Resetting this back to ASSIGNED since the patch has not been merged yet. No offense intended, it just makes things easier for me to track. :-)
Patch has been accepted and shiped.