#1591 mod_firewall: invalid rule leads to "attempt to compare number with nil"
Reporter
Christian Weiske
Owner
Nobody
Created
Updated
Stars
★ (1)
Tags
Component-Community
Priority-Medium
Status-New
Type-Enhancement
Christian Weiske
on
Description of feature:
I wrote an invalid firewall rule and got a stacktrace in the error log file.
Instead of showing the stack trace, a understandable error message should be logged.
The rule is invalid because the condition "NOT IN ROSTER?" must appear before the action LOG:
----
ENTERING: $local
TO: user@example.org
LOG=[info] Message to user blocked from: $(stanza.attr.from)
NOT IN ROSTER?
BOUNCE=not-allowed
----
This led to the following stack trace:
----
Sep 21 21:31:20 general error Top-level error, please report:
.../local/src/prosody-modules/mod_firewall/mod_firewall.lua:495: attempt to compare number with nil
stack traceback:
.../local/src/prosody-modules/mod_firewall/mod_firewall.lua:495: in function 'process_firewall_rules'
.../local/src/prosody-modules/mod_firewall/mod_firewall.lua:539: in function 'compile_firewall_rules'
.../local/src/prosody-modules/mod_firewall/mod_firewall.lua:583: in function 'load_script'
.../local/src/prosody-modules/mod_firewall/mod_firewall.lua:648: in function 'load_unload_scripts'
.../local/src/prosody-modules/mod_firewall/mod_firewall.lua:674: in function '?'
/usr/lib/prosody/util/events.lua:79: in function </usr/lib/prosody/util/events.lua:75>
(...tail calls...)
/usr/lib/prosody/util/startup.lua:312: in function 'reload_config'
/usr/lib/prosody/modules/mod_posix.lua:179: in function 'handler'
/usr/lib/prosody/net/server_event.lua:798: in function </usr/lib/prosody/net/server_event.lua:797>
[C]: in function 'loop'
/usr/lib/prosody/net/server_event.lua:763: in function </usr/lib/prosody/net/server_event.lua:762>
[C]: in function 'xpcall'
/usr/bin/prosody:76: in function 'loop'
/usr/bin/prosody:86: in main chunk
[C]: in ?
Sep 21 21:31:20 general error
stack traceback:
[C]: in function 'loop'
/usr/lib/prosody/net/server_event.lua:763: in function </usr/lib/prosody/net/server_event.lua:762>
[C]: in function 'xpcall'
/usr/bin/prosody:76: in function 'loop'
/usr/bin/prosody:86: in main chunk
[C]: in ?
----
Motivation: (Why?)
Make it easier to debug firewall rules.
Description of feature: I wrote an invalid firewall rule and got a stacktrace in the error log file. Instead of showing the stack trace, a understandable error message should be logged. The rule is invalid because the condition "NOT IN ROSTER?" must appear before the action LOG: ---- ENTERING: $local TO: user@example.org LOG=[info] Message to user blocked from: $(stanza.attr.from) NOT IN ROSTER? BOUNCE=not-allowed ---- This led to the following stack trace: ---- Sep 21 21:31:20 general error Top-level error, please report: .../local/src/prosody-modules/mod_firewall/mod_firewall.lua:495: attempt to compare number with nil stack traceback: .../local/src/prosody-modules/mod_firewall/mod_firewall.lua:495: in function 'process_firewall_rules' .../local/src/prosody-modules/mod_firewall/mod_firewall.lua:539: in function 'compile_firewall_rules' .../local/src/prosody-modules/mod_firewall/mod_firewall.lua:583: in function 'load_script' .../local/src/prosody-modules/mod_firewall/mod_firewall.lua:648: in function 'load_unload_scripts' .../local/src/prosody-modules/mod_firewall/mod_firewall.lua:674: in function '?' /usr/lib/prosody/util/events.lua:79: in function </usr/lib/prosody/util/events.lua:75> (...tail calls...) /usr/lib/prosody/util/startup.lua:312: in function 'reload_config' /usr/lib/prosody/modules/mod_posix.lua:179: in function 'handler' /usr/lib/prosody/net/server_event.lua:798: in function </usr/lib/prosody/net/server_event.lua:797> [C]: in function 'loop' /usr/lib/prosody/net/server_event.lua:763: in function </usr/lib/prosody/net/server_event.lua:762> [C]: in function 'xpcall' /usr/bin/prosody:76: in function 'loop' /usr/bin/prosody:86: in main chunk [C]: in ? Sep 21 21:31:20 general error stack traceback: [C]: in function 'loop' /usr/lib/prosody/net/server_event.lua:763: in function </usr/lib/prosody/net/server_event.lua:762> [C]: in function 'xpcall' /usr/bin/prosody:76: in function 'loop' /usr/bin/prosody:86: in main chunk [C]: in ? ---- Motivation: (Why?) Make it easier to debug firewall rules.