LXC IP Tag script error prevents tagging of IPs in 172.16.0.0/12 #1195

New Issue

Closed

opened 2026-02-04 23:33:31 +03:00 by OVERLORD · 8 comments

OVERLORD commented 2026-02-04 23:33:31 +03:00

Owner

Copy Link

Originally created by @Duratori on GitHub (Jun 30, 2025).

✅ Have you read and understood the above guidelines?

yes

📜 What is the name of the script you are using?

add-iptag.sh

📂 What was the exact command used to execute the script?

bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/tools/pve/add-iptag.sh)"

⚙️ What settings are you using?

• Default Settings
• Advanced Settings

🖥️ Which Linux distribution are you using?

Debian 12

📝 Provide a clear and concise description of the issue.

LXCs and VMs with IPs in 172.16.0.0/12 are NOT getting tagged, but 192.168.0.0/16 IPs are getting tagged.

The problem is in the ip_in_cidr function in the iptag script. Here's what is wrong:

1. Root Cause: The function is using ipcalc -c to check if an IP is in a CIDR range (which works correctly), but then it is doing its own manual validation that only handled specific prefix lengths: /8, /16, /24, and /32.
2. Specific Issue: My configuration includes 172.16.0.0/12 in the CIDR_LIST, but the manual check didn't handle /12 prefixes, so it would fall through to the default case and return false, even though ipcalc had correctly determined the IP was in the range.
3. Why 192.168.5.x worked: The 192.168.5.x addresses matched against 192.168.0.0/16, and /16 was one of the handled prefix lengths in the manual check.
4. The Fix: I simplified the ip_in_cidr function to only use ipcalc -c and removed the problematic manual validation. The ipcalc command handles all CIDR ranges correctly, including /12. However, the ipcalc command is returning exit code 0 even when the IP doesn't match. This seems to be because it's printing errors but still returning success. This explains why your original script had the redundant manual check - it was trying to work around this ipcalc quirk.
5. It seems the best solution is to add handling of the /12 prefix to your script.

🔄 Steps to reproduce the issue.

Installed IP Tag and a brind new, clean install of Proxmox and let it run. Anything with a 172.16.x.x IP did not get tagged.

❌ Paste the full error output (if available).

None captured by me.

🖼️ Additional context (optional).

No response

Originally created by @Duratori on GitHub (Jun 30, 2025). ### ✅ Have you read and understood the above guidelines? yes ### 📜 What is the name of the script you are using? add-iptag.sh ### 📂 What was the exact command used to execute the script? bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/tools/pve/add-iptag.sh)" ### ⚙️ What settings are you using? - [x] Default Settings - [ ] Advanced Settings ### 🖥️ Which Linux distribution are you using? Debian 12 ### 📝 Provide a clear and concise description of the issue. LXCs and VMs with IPs in 172.16.0.0/12 are NOT getting tagged, but 192.168.0.0/16 IPs are getting tagged. The problem is in the ip_in_cidr function in the iptag script. Here's what is wrong: 1. Root Cause: The function is using ipcalc -c to check if an IP is in a CIDR range (which works correctly), but then it is doing its own manual validation that only handled specific prefix lengths: /8, /16, /24, and /32. 2. Specific Issue: My configuration includes 172.16.0.0/12 in the CIDR_LIST, but the manual check didn't handle /12 prefixes, so it would fall through to the default case and return false, even though ipcalc had correctly determined the IP was in the range. 3. Why 192.168.5.x worked: The 192.168.5.x addresses matched against 192.168.0.0/16, and /16 was one of the handled prefix lengths in the manual check. 4. The Fix: I simplified the ip_in_cidr function to only use ipcalc -c and removed the problematic manual validation. The ipcalc command handles all CIDR ranges correctly, including /12. However, the ipcalc command is returning exit code 0 even when the IP doesn't match. This seems to be because it's printing errors but still returning success. This explains why your original script had the redundant manual check - it was trying to work around this ipcalc quirk. 5. It seems the best solution is to add handling of the /12 prefix to your script. ### 🔄 Steps to reproduce the issue. Installed IP Tag and a brind new, clean install of Proxmox and let it run. Anything with a 172.16.x.x IP did not get tagged. ### ❌ Paste the full error output (if available). None captured by me. ### 🖼️ Additional context (optional). _No response_

OVERLORD added the bug label 2026-02-04 23:33:31 +03:00

OVERLORD closed this issue 2026-02-04 23:33:33 +03:00

OVERLORD commented 2026-02-04 23:33:38 +03:00

Author

Owner

Copy Link

@MickLesk commented on GitHub (Jun 30, 2025):

@DesertGamer

@MickLesk commented on GitHub (Jun 30, 2025): @DesertGamer

OVERLORD commented 2026-02-04 23:33:43 +03:00

Author

Owner

Copy Link

@DesertGamer commented on GitHub (Jul 2, 2025):

It is interesting... I will try to do it today, and I will write about the results.

@DesertGamer commented on GitHub (Jul 2, 2025): It is interesting... I will try to do it today, and I will write about the results.

OVERLORD commented 2026-02-04 23:33:46 +03:00

Author

Owner

Copy Link

@DesertGamer commented on GitHub (Jul 3, 2025):

There really was such a mistake, I fixed it in the new version, and also seriously worked out the rest of the possible methods, covered it all with tests, and I got a 99% result, thank you for your message.

@DesertGamer commented on GitHub (Jul 3, 2025): There really was such a mistake, I fixed it in the new version, and also seriously worked out the rest of the possible methods, covered it all with tests, and I got a 99% result, thank you for your message.

OVERLORD commented 2026-02-04 23:33:50 +03:00

Author

Owner

Copy Link

@DesertGamer commented on GitHub (Jul 4, 2025):

The update has been downloaded, please use the command:

bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/tools/pve/add-iptag.sh)"

You can save your old config using an additional option when updating, but I strongly recommend overwriting it.

@DesertGamer commented on GitHub (Jul 4, 2025): The update has been downloaded, please use the command: ``` bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/tools/pve/add-iptag.sh)" ``` You can save your old config using an additional option when updating, but I strongly recommend overwriting it.

OVERLORD commented 2026-02-04 23:33:58 +03:00

Author

Owner

Copy Link

@MickLesk commented on GitHub (Jul 4, 2025):

@MickLesk commented on GitHub (Jul 4, 2025): <img width="553" alt="Image" src="https://github.com/user-attachments/assets/5d7f5290-468e-41b4-8f66-d443cc8becf4" />

OVERLORD commented 2026-02-04 23:34:00 +03:00

Author

Owner

Copy Link

@kendikaku commented on GitHub (Jul 4, 2025):

Hello,
after updating, the processing power consumption is very high, reaching 100% and consequently the temperature is also very high. After uninstalling iptag, both returned to normal.

@kendikaku commented on GitHub (Jul 4, 2025): Hello, after updating, the processing power consumption is very high, reaching 100% and consequently the temperature is also very high. After uninstalling iptag, both returned to normal. 

OVERLORD commented 2026-02-04 23:34:03 +03:00

Author

Owner

Copy Link

@MickLesk commented on GitHub (Jul 4, 2025):

new issue

@MickLesk commented on GitHub (Jul 4, 2025): new issue

OVERLORD commented 2026-02-04 23:34:09 +03:00

Author

Owner

Copy Link

@kendikaku commented on GitHub (Jul 4, 2025):

new issue

https://github.com/community-scripts/ProxmoxVE/issues/5701#issue-3202640205

@kendikaku commented on GitHub (Jul 4, 2025): > new issue https://github.com/community-scripts/ProxmoxVE/issues/5701#issue-3202640205

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

github-action-update-changelog

pr-update-app-files

docker_deb13

feat/cloudinit-sshkeys

feat/sqlserver2025

automated/update-github-versions

add-script-opencloud-1770212555

add-script-openclaw-1770212634

github-action-archive-changelog

update_apps_tool

add-script-wishlist-1770193085

MickLesk-patch-2

add-script-writefreely-1770188758

add-script-wealthfolio-1770143943

fix/vaultwarden-update-script

remove_memos

disable_npm

feature/codeberg-functions-forgejo-readeck

add-script-rustypaste-1770019426

add-script-kitchenowl-1770017260

fix/2fauth-php-version

tools_func_addcodeberg

CrazyWolf13-patch-2

add-script-shelfmark-1769790178

CrazyWolf13-patch-1

add-script-ampache-1769790139

add-script-languagetool-1769790155

remove_php_deps

ref_koilection

fix/php-module-improvements

tremor021-patch-1

fix/open-archiver-meilisearch-migration

cloudflare_dns

MickLesk-patch-1

michelroegl-brunner-patch-2

fix/version-display

fix/debian13-root-ownership

feat/interactive_prompts

feature/smart-error-recovery

core_stable

update_docs

refactor/tools-func-stability

certbot_npm

2026-02-03

2026-02-02

2026-02-01

2026-01-31

2026-01-30

2026-01-29

2026-01-28

2026-01-27

2026-01-26

2026-01-25

2026-01-24

2026-01-23

2026-01-22

2026-01-21

2026-01-20

2026-01-19

2026-01-18

2026-01-17

2026-01-16

2026-01-15

2026-01-14

2026-01-13

2026-01-12

2026-01-11

2026-01-10

2026-01-09

2026-01-08

2026-01-07

2026-01-06

2026-01-05

2026-01-04

2026-01-03

2026-01-02

2026-01-01

2025-12-31

2025-12-30

2025-12-29

2025-12-28

2025-12-27

2025-12-26

2025-12-25

2025-12-24

2025-12-23

2025-12-22

2025-12-21

2025-12-20

2025-12-19

2025-12-18

2025-12-17

2025-12-16

2025-12-15

2025-12-14

2025-12-13

2025-12-12

2025-12-11

2025-12-10

2025-12-09

2025-12-08

2025-12-07

2025-12-06

2025-12-05

2025-12-04

2025-12-03

2025-12-02

2025-12-01

2025-11-30

2025-11-29

2025-11-28

2025-11-27

2025-11-26

2025-11-25

2025-11-24

2025-11-23

2025-11-22

2025-11-21

2025-11-20

2025-11-19

2025-11-18

2025-11-17

2025-11-16

2025-11-15

2025-11-14

2025-11-13

2025-11-12

2025-11-11

2025-11-10

2025-11-09

2025-11-08

2025-11-07

2025-11-06

2025-11-05

2025-11-04

2025-11-03

2025-11-02

2025-11-01

2025-10-31

2025-10-30

2025-10-29

2025-10-28

2025-10-27

2025-10-26

2025-10-25

2025-10-24

2025-10-23

2025-10-22

2025-10-21

2025-10-20

2025-10-19

2025-10-18

2025-10-17

2025-10-16

2025-10-15

2025-10-14

2025-10-13

2025-10-12

2025-10-11

2025-10-10

2025-10-09

2025-10-08

2025-10-07

2025-10-06

2025-10-05

2025-10-04

2025-10-03

2025-10-02

2025-10-01

2025-09-30

2025-09-29

2025-09-28

2025-09-27

2025-09-26

2025-09-25

2025-09-24

2025-09-23

2025-09-22

2025-09-21

2025-09-20

2025-09-19

2025-09-18

2025-09-17

2025-09-16

2025-09-15

2025-09-14

2025-09-13

2025-09-12

2025-09-11

2025-09-10

2025-09-09

2025-09-08

2025-09-07

2025-09-06

2025-09-05

2025-09-04

2025-09-03

2025-09-02

2025-09-01

2025-08-31

2025-08-30

2025-08-29

2025-08-28

2025-08-27

2025-08-26

2025-08-25

2025-08-24

2025-08-23

2025-08-22

2025-08-21

2025-08-20

2025-08-19

2025-08-18

2025-08-17

2025-08-16

2025-08-15

2025-08-14

2025-08-13

2025-08-12

2025-08-11

2025-08-10

2025-08-09

2025-08-08

2025-08-07

2025-08-06

2025-08-05

2025-08-04

2025-08-03

2025-08-02

2025-08-01

2025-07-31

2025-07-30

2025-07-29

2025-07-28

2025-07-27

2025-07-26

2025-07-25

2025-07-24

2025-07-23

2025-07-22

2025-07-21

2025-07-20

2025-07-19

2025-07-18

2025-07-17

2025-07-16

2025-07-15

2025-07-14

2025-07-11

2025-07-10

2025-07-09

2025-07-08

2025-07-07

2025-07-06

2025-07-05

2025-07-04

2025-07-03

2025-07-02

2025-07-01

2025-06-30

2025-06-29

2025-06-28

2025-06-27

2025-06-26

2025-06-25

2025-06-24

2025-06-23

2025-06-22

2025-06-21

2025-06-20

2025-06-19

2025-06-18

2025-06-17

2025-06-16

2025-06-15

2025-06-14

2025-06-13

2025-06-12

2025-06-11

2025-06-10

2025-06-09

2025-06-08

2025-06-07

2025-06-06

2025-06-05

2025-06-04

2025-06-03

2025-06-02

2025-06-01

2025-05-31

2025-05-30

2025-05-29

2025-05-28

2025-05-27

2025-05-26

2025-05-25

2025-05-24

2025-05-23

2025-05-22

2025-05-21

2025-05-20

2025-05-19

2025-05-18

2025-05-17

2025-05-16

2025-05-15

2025-05-14

2025-05-13

2025-05-12

2025-05-11

2025-05-10

2025-05-09

2025-05-08

2025-05-07

2025-05-06

2025-05-05

2025-05-04

2025-05-03

2025-05-02

2025-05-01

2025-04-30

2025-04-29

2025-04-28

2025-04-27

2025-04-26

2025-04-25

2025-04-24

2025-04-23

2025-04-22

2025-04-20

2025-04-21

2025-04-19

2025-04-18

2025-04-17

2025-04-15

2025-04-16

2025-04-14

2025-04-13

2025-04-12

2025-04-11

2025-04-10

2025-04-09

2025-04-08

2025-04-07

2025-04-06

2025-04-05

2025-04-04

2025-04-03

2025-04-02

2025-04-01

2025-03-31

2025-03-30

2025-03-29

2025-03-28

2025-03-27

2025-03-26

2025-03-25

2025-03-24

2025-03-23

2025-03-22

2025-03-21

2025-03-20

2025-03-19

2025-03-18

2025-03-17

2025-03-16

2025-03-15

2025-03-14

2025-03-13

2025-03-12

2025-03-11

2025-03-10

2025-03-09

2025-03-08

2025-03-07

2025-03-06

2025-03-05

2025-03-04

2025-03-03

2025-03-02

2025-03-01

2025-02-28

2025-02-27

2025-02-26

2025-02-25

2025-02-24

2025-02-23

2025-02-21

2025-02-20

2025-02-19

2025-02-18

2025-02-17

2025-02-16

2025-02-15

2025-02-14

2025-02-13

2025-02-12

2025-02-11

2025-02-10

2025-02-09

2025-02-08

2025-02-07

2025-02-06

2025-02-05

2025-02-04

2025-02-03

2025-02-02

2025-02-01

2025-01-31

2025-01-30

2025-01-29

2025-01-28

2025-01-27

2025-01-26

2025-01-24

2025-01-23

2025-01-22

2025-01-21

2025-01-20

2025-01-19

2025-01-18

2025-01-17

2025-01-16

2025-01-15

2025-01-14

2025-01-13

2025-01-11

2025-01-10

2025-01-09

2025-01-08

2025-01-07

2025-01-06

2025-01-05

2025-01-04

2025-01-03

2025-01-02

2025-01-01

2024-12-31

2024-12-30

2024-12-29

2024-12-28

2024-12-27

2024-12-26

2024-12-25

2024-12-23

2024-12-21

2024-12-20

2024-12-19

2024-12-18

2024-12-17

2024-12-16

2024-12-13

2024-12-12

2024-12-09

2024-12-08

2024-12-07

2024-12-06

2024-12-05

2024-12-04

2024-12-03

2024-12-02

2024-11-30

2024-11-29

2024-11-28

2024-11-27

2024-11-26

2024-11-25

2024-11-24

2024-11-23

Labels

Clear labels

Implemented in VED waiting push to Main

breaking change

bug

bug

bugfix

deferred

delete script

dependencies

enhancement

external

feature

github

help wanted

in project pipeline

invalid

investigation

json

maintenance

needs triage

new script

new script

nice to have

not a script issue

not planned

organization

question

refactor

rename script

security

update script

website

wontdo

🛑 Failure to comply with the guidelines

No Label bug

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/ProxmoxVE#1195