Actions
Bug #11556
open
Kill all states associated with a NAT address
Status:
New
Priority:
Normal
Assignee:
-
Category:
Rules / NAT
Target version:
-
Start date:
02/26/2021
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Default
Affected Version:
Affected Architecture:
Description
Assume you have an external IP XXX
And an OpenVPN net 192.168.200.0/0
After OpenVPN client connects it gets an IP 192.168.200.2
Now let's use States to see and kill all states for 192.168.200.2
There are lots of states look like this:
WAN tcp XXX:49313 (192.168.200.2:62472) -> <some_IP>:443 TIME_WAIT:TIME_WAIT 84 / 108 6 KiB / 129 KiB
And they don't get killed.
Expected - all states associated with 192.168.200.2 killed, or there is an option to select all and allow kill.
Updated by Jim Pingle 11 months ago
- Subject changed from Kill all states associated with an host IP NET address to Kill all states associated with a NAT address
- Category changed from NAT Reflection to Rules / NAT
Correcting the category and subject
The ask here is for a way to kill based on the NAT address in the state instead of the source or destination.
Updated by Marcos Mendoza 10 months ago
I can confirm this is currently an issue.
Actions