Catch exceptions in the process waf job, use symbols for actions, Don't create a rule which matches a supernet rule.

app/models/waf_policy.rb

@@ -152,9 +152,16 @@ validate :targets_must_be_array
   def create_rule_for_network_range(network_range)
     return nil unless matches_network_range?(network_range)
 
+    # Check for existing supernet rules before attempting to create
+    if network_range.supernet_rules.any?
+      supernet = network_range.supernet_rules.first
+      Rails.logger.debug "Skipping rule creation for #{network_range.cidr} - covered by supernet rule ##{supernet.id} (#{supernet.network_range.cidr})"
+      return nil
+    end
+
     rule = Rule.create!(
       waf_rule_type: 'network',
-      waf_action: policy_action,
+      waf_action: policy_action.to_sym,
       network_range: network_range,
       waf_policy: self,
       user: user,
@@ -203,7 +210,7 @@ validate :targets_must_be_array
 
       rule = Rule.create!(
         waf_rule_type: 'path_pattern',
-        waf_action: policy_action,
+        waf_action: policy_action.to_sym,
         waf_policy: self,
         user: user,
         source: "policy",