New Firewall Feature issues

girish

@savity Thanks for the report. Looks like we have a couple of bugs here:

• Cloudron doesn't handle duplicates nicely.
• For large lists, maybe it's taking a lot of time to add them. So, the request times out. It could also be that the request is large enough that it hits some API limits.

Can you tell me roughly how big the request is? A rough way to measure this is to save the IPs in a file and check the size of the file.

girish

@savity said in New Firewall Feature issues:

is there any Limits on IP Addresses or how much you can configure for the first time

There's no limits from Cloudron side intentionally, but there are probably API limits we are hitting. So we have to adjust our code accordingly to allow large request sizes.

nebulon

The dedupe is now fixed.

savity

First i Importet

https://www.ipdeny.com/ipblocks/

RUSSIAN FEDERATION (RU) [download ru.zone] Size: 170 KB (10497 IP blocks)

And after Importing

CHINA (CN) [download cn.zone] Size: 136 KB (8444 IP blocks)

The issues startet

girish

I was to go upto 18k in mine. I will keep adding.

girish

I could finally reproduce this after adding 30k blocks.

Box POST /api/v1/network/blocklist 500 Internal Server Error Response timeout 20001.547 ms - 72
ERROR [object Object] [ /home/yellowtent/box/node_modules/express/lib/application.js:630:43 ]

savity

Looks like it depends on the server ressources maybe.

girish

@savity I have fixed this for the next release. You can add this one line - https://git.cloudron.io/cloudron/box/-/commit/467fa590230853e426710e73e467c1f2596f9f86 in /home/yellowtent/box/src/routes/network.js and systemctl restart box after that.

girish

For, 5.6.1, I also migrated the block list from a json format to a simple text file format. This allows us to have comments, blank lines etc which is useful when copy/pasting all these block lists.

savity

thank youuuuu