Project

General

Profile

Bug #11734

NAT rule overlap detection is inconsistent

Added by Marcos Mendoza about 2 months ago. Updated about 2 months ago.

Status:
Pull Request Review
Priority:
Normal
Category:
Rules / NAT
Target version:
Start date:
03/26/2021
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default
Affected Version:
2.5.x
Affected Architecture:
All

Description

When saving an additional NAT port forward rule:

  1. The "protocol" field is effectively ignored in overlap checks
  2. The "source" field is not checked in overlap checks
  3. Rule is prevented from being saved when a destination mask is defined

History

#2 Updated by Jim Pingle about 2 months ago

  • Status changed from New to Rejected

Protocol doesn't overlap. You can have separate port forward rules for TCP and for UDP on the same port ranges which do not conflict.

Plus, that overlap check isn't for looking at network addresses, it's only making sure that port ranges do not overlap.

#3 Updated by Marcos Mendoza about 2 months ago

I've added some further details on it. At the least, there is a typo that should be fixed.

#4 Updated by Jim Pingle about 2 months ago

  • Status changed from Rejected to Pull Request Review
  • Target version set to CE-Next

Also available in: Atom PDF