[GH-ISSUE #3270] Public Resource Policy - Access Rules = ASN Bug #35773

Open
opened 2026-06-18 21:00:25 -05:00 by GiteaMirror · 6 comments
Owner

Originally created by @tmcphee on GitHub (Jun 14, 2026).
Original GitHub issue: https://github.com/fosrl/pangolin/issues/3270

Originally assigned to: @oschwartz10612, @Copilot on GitHub.

Describe the Bug

Unable to save rule when ALL ASNs Value is selected

Environment

  • OS Type & Version: Ubuntu 20.04.6
  • Pangolin Version: 1.19.2
  • Edition (Community or Enterprise): Enterprise
  • Gerbil Version: 1.4.2
  • Traefik Version: 3.7.5

To Reproduce

Method 1
Create a new Public Resource Policy
Enable Rules
Add Rule Action: Block Access , Match Type: ASN , Value: ALL ASNs (ALL)
Click Create Public Resource Policy (Will Not save, No Errors)

Method 2
Create a new Public Resource Policy
Click Create Public Resource Policy (With No alterations)
Go Back to the created policy and click edit
Enable Rules
Add Rule Action: Block Access , Match Type: ASN , Value: ALL ASNs (ALL)
Click Create Public Resource Policy (Will Not save, Has Error)
[Error Invalid Rule: Enter a valid ASN]

Image

Expected Behavior

Allow to add ALL ASNs Value

Originally created by @tmcphee on GitHub (Jun 14, 2026). Original GitHub issue: https://github.com/fosrl/pangolin/issues/3270 Originally assigned to: @oschwartz10612, @Copilot on GitHub. ### Describe the Bug Unable to save rule when ALL ASNs Value is selected ### Environment - OS Type & Version: Ubuntu 20.04.6 - Pangolin Version: 1.19.2 - Edition (Community or Enterprise): Enterprise - Gerbil Version: 1.4.2 - Traefik Version: 3.7.5 ### To Reproduce Method 1 Create a new Public Resource Policy Enable Rules Add Rule Action: Block Access , Match Type: ASN , Value: ALL ASNs (ALL) Click Create Public Resource Policy (Will Not save, No Errors) Method 2 Create a new Public Resource Policy Click Create Public Resource Policy (With No alterations) Go Back to the created policy and click edit Enable Rules Add Rule Action: Block Access , Match Type: ASN , Value: ALL ASNs (ALL) Click Create Public Resource Policy (Will Not save, Has Error) [Error Invalid Rule: Enter a valid ASN] <img width="367" height="79" alt="Image" src="https://github.com/user-attachments/assets/916052c4-0ede-4240-8d7d-22b95c7c8d66" /> ### Expected Behavior Allow to add ALL ASNs Value
GiteaMirror added the bug label 2026-06-18 21:00:25 -05:00
Author
Owner

@AstralDestiny commented on GitHub (Jun 14, 2026):

What would adding all asn's do minus just doing a 0.0.0.0/0 rule?

<!-- gh-comment-id:4702335552 --> @AstralDestiny commented on GitHub (Jun 14, 2026): What would adding all asn's do minus just doing a 0.0.0.0/0 rule?
Author
Owner

@keiznklei commented on GitHub (Jun 16, 2026):

I am also experiencing this in Pangolin 1.19.2-ee. Both in regular Access Rules for Public Resources and the Shared Policies for Public Resources. I even tried editing an existing public resource's Access Rules with ALL ASNs from version 1.18.x, but even without alteration, I can't save it:

Image

Environment:
Ubuntu: 24.04.4 LTS (GNU/Linux 6.8.0-124-generic x86_64)
Pangolin: 1.19.2-ee
Gerbil: 1.4.2
Traefik: 3.7.x
Badger: 1.4.1
Crowdsec: 1.6.0
Newt: 1.13.0

<!-- gh-comment-id:4720243800 --> @keiznklei commented on GitHub (Jun 16, 2026): I am also experiencing this in Pangolin 1.19.2-ee. Both in regular Access Rules for Public Resources and the Shared Policies for Public Resources. I even tried editing an existing public resource's Access Rules with ALL ASNs from version 1.18.x, but even without alteration, I can't save it: <img width="404" height="88" alt="Image" src="https://github.com/user-attachments/assets/6cef1a66-10cc-497a-a461-777f0054a631" /> Environment: Ubuntu: 24.04.4 LTS (GNU/Linux 6.8.0-124-generic x86_64) Pangolin: 1.19.2-ee Gerbil: 1.4.2 Traefik: 3.7.x Badger: 1.4.1 Crowdsec: 1.6.0 Newt: 1.13.0
Author
Owner

@AstralDestiny commented on GitHub (Jun 16, 2026):

Mmm not sure why we have an option of all asn's as that would just be the same as doing 0.0.0.0/0, either way will check with the others.

<!-- gh-comment-id:4724447233 --> @AstralDestiny commented on GitHub (Jun 16, 2026): Mmm not sure why we have an option of all asn's as that would just be the same as doing 0.0.0.0/0, either way will check with the others.
Author
Owner

@oschwartz10612 commented on GitHub (Jun 16, 2026):

We will get this fixed

<!-- gh-comment-id:4724528518 --> @oschwartz10612 commented on GitHub (Jun 16, 2026): We will get this fixed
Author
Owner

@Blacks-Army commented on GitHub (Jun 18, 2026):

What would adding all asn's do minus just doing a 0.0.0.0/0 rule?

0.0.0.0/0 would also block private IP addresses, whereas blocking all ASNs only affects routable public IPs.

<!-- gh-comment-id:4740619052 --> @Blacks-Army commented on GitHub (Jun 18, 2026): > What would adding all asn's do minus just doing a 0.0.0.0/0 rule? 0.0.0.0/0 would also block private IP addresses, whereas blocking all ASNs only affects routable public IPs.
Author
Owner

@AstralDestiny commented on GitHub (Jun 18, 2026):

Yeah thought of that after I had posted though only would block private if you pangolin exists on the same network as your client else it will always see the public ip

<!-- gh-comment-id:4740744023 --> @AstralDestiny commented on GitHub (Jun 18, 2026): Yeah thought of that after I had posted though only would block private if you pangolin exists on the same network as your client else it will always see the public ip
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/pangolin#35773