Project

General

Profile

Actions

Bug #10752

closed

1:1 NAT issue if Internal IP has VIPs

Added by Viktor Gurov over 1 year ago. Updated about 1 year ago.

Status:
Resolved
Priority:
Normal
Category:
Rules / NAT
Target version:
Start date:
07/10/2020
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4.5-p1
Affected Architecture:

Description

If you set 'Internal IP' on the firewall_nat_1to1_edit.php to net (OPT1 net, for example)
and OPT1 interface has any VIPs on top of it,
filter_generate_address() returns all of them, creating incorrect pf ruleset:

binat on vtnet1 from { 172.16.16.0/24 192.168.4.0/24 } to 6.6.6.1 -> 192.168.122.179

then you get error:

There were error(s) loading the rules: /tmp/rules.debug:53: multiple binat ip addresses - The line in question reads [53]: binat on vtnet1 from { 172.16.16.0/24 192.168.4.0/24 } to 6.6.6.1 -> 192.168.122.179

Actions #2

Updated by Jim Pingle over 1 year ago

  • Status changed from New to Pull Request Review
Actions #3

Updated by Renato Botelho over 1 year ago

  • Status changed from Pull Request Review to Feedback
  • Assignee set to Renato Botelho
  • Target version set to 2.5.0
  • % Done changed from 0 to 100

PR has been merged. Thanks!

Actions #4

Updated by Danilo Zrenjanin about 1 year ago

  • Status changed from Feedback to Resolved

Reproduced the issue. After adding the patch, filter reloaded without issues.

Actions

Also available in: Atom PDF