ASM Policy fails to import because of schema failure (65535)
Dear,
Foremost question is how to fix this, the policy was exported from an ASM and imports fine on another ASM.
I've setup a Virtualbox Big-IP VE Trial license following the need to research an ASM policy which had been repeatedly put into learning mode but was implemented without approval actions.
Two versions were tried and tested resulting in the same import issue. The line numbers were changed and a lot of output cut out. I found many \u00... entries causing issue but also binary entries in the name fields. Replacing name="field" content with normal ascii content and removed binary makes the policy almost ready to import.
The security policy file does not conform to the schema and cannot be imported. (line 3466: parser error : Char 0xFFFF out of allowed range ^ )
But it now fails with
The security policy file does not conform to the schema and cannot be imported. (line 65535: element learning_mode: Schemas validity error : Element 'learning_mode': This element is not expected. Expected is one of ( user_input_format, minimum_value, maximum_value, maximum_length, match_regular_expression, is_sensitive, in_staging, last_updated, parameter_name_metachars, check_maximum_length ). )
For which i find no solution. Removing the element, removing the entire parameter brings no solace.
Please advise. Another colleague was able to import it without a problem. I've tried saving it under various other encodings etc.
Are there tools to clean up the policies ? How come there can be non-ascii values in the name for a parameter ? Could this prove a threat vector as the parser could execute code for example ?