Project

General

Profile

Actions

Bug #1187

closed

Creating NAT rule with valid (but long) label causes error loading pf rules

Added by Gary Richards almost 11 years ago. Updated almost 11 years ago.

Status:
Resolved
Priority:
High
Assignee:
-
Category:
Rules / NAT
Target version:
Start date:
01/12/2011
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.0
Affected Architecture:

Description

I created a Firewall: NAT: Port Forward: rule with a description of: "Redirect tftp requests to tftp-proxy running locally."

It seems to have created an associated rule that ends up with a label that's too long because when I apply my rule changes I get this error:

php: : There were error(s) loading the rules: /tmp/rules.debug:103: rule label too long (max 63 chars) pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [103]: pass in quick on $BACK proto udp from 192.168.121.0/24 to 127.0.0.1 port 6969 label "USER_RULE: NAT Redirect tftp requests to tftp-proxy running locally."

It seems that it takes my original description and prepends 'USER_RULE: NAT' to it. This causes the associated rule to end up with more than 63 characters!

Presumably the form validates the original description as it's less than 63 characters before the other part is prepended.

Actions #1

Updated by Jim Pingle almost 11 years ago

  • Status changed from New to Feedback

Should be OK with the commit I made, 3b83b51ad2dd7d1ed3ecb0faab251813b3678a8e

Actions #2

Updated by Jim Pingle almost 11 years ago

  • % Done changed from 0 to 100
Actions #3

Updated by James Lepthien almost 11 years ago

That is now working correctly - tested on NanoBSD built on Thu Jan 13 20:30:46 EST 2011.

Actions #4

Updated by Chris Buechler almost 11 years ago

  • Status changed from Feedback to Resolved

thanks

Actions

Also available in: Atom PDF