mirror of
https://github.com/fosrl/pangolin.git
synced 2026-07-17 15:13:46 -05:00
[GH-ISSUE #3270] Public Resource Policy - Access Rules = ASN Bug #39146
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @tmcphee on GitHub (Jun 14, 2026).
Original GitHub issue: https://github.com/fosrl/pangolin/issues/3270
Originally assigned to: @oschwartz10612, @Copilot on GitHub.
Describe the Bug
Unable to save rule when ALL ASNs Value is selected
Environment
To Reproduce
Method 1
Create a new Public Resource Policy
Enable Rules
Add Rule Action: Block Access , Match Type: ASN , Value: ALL ASNs (ALL)
Click Create Public Resource Policy (Will Not save, No Errors)
Method 2
Create a new Public Resource Policy
Click Create Public Resource Policy (With No alterations)
Go Back to the created policy and click edit
Enable Rules
Add Rule Action: Block Access , Match Type: ASN , Value: ALL ASNs (ALL)
Click Create Public Resource Policy (Will Not save, Has Error)
[Error Invalid Rule: Enter a valid ASN]
Expected Behavior
Allow to add ALL ASNs Value
@AstralDestiny commented on GitHub (Jun 14, 2026):
What would adding all asn's do minus just doing a 0.0.0.0/0 rule?
@keiznklei commented on GitHub (Jun 16, 2026):
I am also experiencing this in Pangolin 1.19.2-ee. Both in regular Access Rules for Public Resources and the Shared Policies for Public Resources. I even tried editing an existing public resource's Access Rules with ALL ASNs from version 1.18.x, but even without alteration, I can't save it:
Environment:
Ubuntu: 24.04.4 LTS (GNU/Linux 6.8.0-124-generic x86_64)
Pangolin: 1.19.2-ee
Gerbil: 1.4.2
Traefik: 3.7.x
Badger: 1.4.1
Crowdsec: 1.6.0
Newt: 1.13.0
@AstralDestiny commented on GitHub (Jun 16, 2026):
Mmm not sure why we have an option of all asn's as that would just be the same as doing 0.0.0.0/0, either way will check with the others.
@oschwartz10612 commented on GitHub (Jun 16, 2026):
We will get this fixed
@Blacks-Army commented on GitHub (Jun 18, 2026):
0.0.0.0/0 would also block private IP addresses, whereas blocking all ASNs only affects routable public IPs.
@AstralDestiny commented on GitHub (Jun 18, 2026):
Yeah thought of that after I had posted though only would block private if you pangolin exists on the same network as your client else it will always see the public ip
@gkwok1 commented on GitHub (Jun 20, 2026):
Not sure if it's related but Email Whitelist and Basic Header Auth doesn't save or retrieve either. It does work when inserting the emails directly into the database.