Important notices
Before you add a new report, we ask you kindly to acknowledge the following:
Is your feature request related to a problem? Please describe.
When I exported the firewall rules to import them into the firewall [new] rules, I accidentally selected a previously exported backup-config.xml file, which I had created before upgrading to 26.x, and imported that into the firewall rules.
This was unfortunately accepted as valid, and OPNsense imported about 80,000 rules instead of aborting the process.
As a result, the firewall became unresponsive due to the excessive number of rules. I had to restore the system from a backup, as it could not handle 80,000 rules.
A clear and concise description of what the problem is including your motivation for the request,
i.e. "For the purpose of [...] I am missing a solution that will [...]."
This lagged my firewall, and I had to recover from a backup, as it could not handle 80,000 rules.
A clear and concise description of what you want to happen.
(e.g. I would like an input field in the /ui/firewall/alias which would add .... to ....)
Add a check before importing to verify that the header of the .csv firewall rules file is present in the uploaded file.
Otherwise, show an error indicating that the required header is missing and/or add a checkmark to "override this check".
@uuid;enabled;statetype;state-policy;sequence;action;quick;interfacenot;interface;direction;ipprotocol;protocol;icmptype;icmp6type;gateway;replyto;disablereplyto;log;allowopts;nosync;nopfsync;statetimeout;max-src-nodes;max-src-states;max-src-conn;max;max-src-conn-rate;max-src-conn-rates;overload;adaptivestart;adaptiveend;prio;set-prio;set-prio-low;tag;tagged;tcpflags1;tcpflags2;categories;sched;tos;shaper1;shaper2;description;source_not;source_net;source_port;destination_not;destination_net;destination_port
A clear and concise description of any alternative solutions or features you considered.
Being more attentive and not selecting the wrong file would be a good start on my end.
Add any other context or screenshots about the feature request here or links to relevant forum thread or similar
Important notices
Before you add a new report, we ask you kindly to acknowledge the following:
Is your feature request related to a problem? Please describe.
When I exported the firewall rules to import them into the firewall [new] rules, I accidentally selected a previously exported backup-config.xml file, which I had created before upgrading to 26.x, and imported that into the firewall rules.
This was unfortunately accepted as valid, and OPNsense imported about 80,000 rules instead of aborting the process.
As a result, the firewall became unresponsive due to the excessive number of rules. I had to restore the system from a backup, as it could not handle 80,000 rules.
A clear and concise description of what the problem is including your motivation for the request,
i.e. "For the purpose of [...] I am missing a solution that will [...]."
This lagged my firewall, and I had to recover from a backup, as it could not handle 80,000 rules.
A clear and concise description of what you want to happen.
(e.g. I would like an input field in the
/ui/firewall/aliaswhich would add .... to ....)Add a check before importing to verify that the header of the .csv firewall rules file is present in the uploaded file.
Otherwise, show an error indicating that the required header is missing and/or add a checkmark to "override this check".
@uuid;enabled;statetype;state-policy;sequence;action;quick;interfacenot;interface;direction;ipprotocol;protocol;icmptype;icmp6type;gateway;replyto;disablereplyto;log;allowopts;nosync;nopfsync;statetimeout;max-src-nodes;max-src-states;max-src-conn;max;max-src-conn-rate;max-src-conn-rates;overload;adaptivestart;adaptiveend;prio;set-prio;set-prio-low;tag;tagged;tcpflags1;tcpflags2;categories;sched;tos;shaper1;shaper2;description;source_not;source_net;source_port;destination_not;destination_net;destination_port
A clear and concise description of any alternative solutions or features you considered.
Being more attentive and not selecting the wrong file would be a good start on my end.
Add any other context or screenshots about the feature request here or links to relevant forum thread or similar