This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Serious Bug in Web Protection, Filter Actions, “Allow These Websites” white list.

Hello UTM gurus,

Today I created a Web Protection profile with only few websites on a white list, under web protection, filter actions. I added a few websites there as single entries and also created one list named XXX and under that, I entered a few more web sites. Later I find that list called “XXX” is gone from the “Allow These Websites”  box.

The other entries are there but the one called “XXX” is not there, it disappeared.

If I try to create it again, it is telling me that that “Object with the same name XXX already exists”, so I cannot re-create it. This is very disturbing. It literally disappeared.

I saved an unencrypted UTM config and opened it with a hex editor, lo and behold the entry is present there with all the web sites under it. It just does not show up in the Web Protection profile(any of the profiles) and it is not enforced when testing the web protection at those sites on that list, so it is not being taken in effect even though it is present in the configuration file.

Can this be a bug that makes items disappear if we use 3 letters names, a bug that has not been discovered?

To test/reproduce, create an entry in the “Allow These Websites” box, call it “XXX” add a few websites under it and save it.  Check back to see if it is still there.

I have a backup cfg that I can load which does not contain those entries as an easy fix(I’ll just retype them all back in) but I would like to track this issue down so it will not happen again. Or to see if it is an actual bug. A whole list of domains to dissappear like that, is very troubling.

See screnshot below.

I would like to know if there is a command line that I can type and force removal of all the objects under the “Allow These Websites” box in hopes that it will remove that lost/invisible entry. Or specify the XXX to remove as it is dead but still present in the UTM config file.

Thank you!

Since creating that white list I upgraded to 9.605-1 from 9.510-5(created those entries under this version)



This thread was automatically locked due to age.
  • Hi  

    I'll look into this in my Test environment and see if I can replicate the issue. Please allow me some time to check.

    Regards

    Jaydeep

  • Excellent! In your test environment try adding name “XXX” under whitelist running UTM v9.510-5 then update to v9.605-1 and see if it disappears.

    (If you need I can email you my configuration that contains the issue)

    Here is another thread with a similar issue, can this be a the same bug carried with all recent firmwares?

    Also if I enter this command, I can see the missing/hidden/orphaned list name there, just not in the webadmin whitelist box: “cc get_objects http domain_regex”

    Thank you!

  • I never use this wihtelist/blacklist because in the past it was totally buggy and did not work as expected.

     

    I do white/blacklisting with tags!

     

    For Whitelisting:

    Filtering Options -> Websites     +New Site

    Enter URLs...

    (you can also override Category if URL-Filtering is the problem -> use a category and reputation that will be allowed in webfilter profile)

     

    Website Tags:

    use a tag e.g. whitelist

     

    Go to Web Filter Profiles -> Filter Actions -> edit the filter actions for the profiles

    Register Websites: at the bottom "Control sites tagges in the Website List" -> Click Folder icon -> select the tag e.g. whitelist -> select allow action for that -> save it

     

    Blacklisting also works this way -> e.g. tag blacklist -> in webfilter profiles use block action for this tag

     

    regards

  • Show us what you get with cc get_object_by_name http domain_regex 'XXX'.  Obfuscate the contents of 'domain' if you prefer.

    Also, assuming the name of the Filter Action is Allow, show us the result of cc get_object_by_name http cff_action 'Allow'

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA