Project

General

Profile

Actions

Bug #11984

closed

Automatic Outbound NAT mode can create incorrect rules in some cases

Added by Viktor Gurov over 3 years ago. Updated over 2 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Viktor Gurov
Category:
Rules / NAT
Target version:
Start date:
06/02/2021
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
22.05
Release Notes:
Default
Affected Version:
2.5.1
Affected Architecture:

Description

In some cases it uses incorrect IPv6 link-local address specification:

There were error(s) loading the rules: /tmp/rules.debug:77: 
could not parse host specification - The line in question reads [77]: 
nat on $WAN_DSL inet6 from ::1/128 to any port 500 -> fe80::aa:bb:cc:dd%pppoe1/128 static-port 
# Auto created rule for ISAKMP - localhost to 157_TELEKOM_DSL

must be:

nat on $WAN_DSL inet6 from ::1/128 to any port 500 -> fe80::aa:bb:cc:dd/128 static-port

Actions #1

Updated by Viktor Gurov almost 3 years ago

may be related to #11764

Actions #3

Updated by Jim Pingle almost 3 years ago

  • Status changed from New to Pull Request Review
  • Assignee set to Viktor Gurov
  • Target version set to CE-Next
  • Plus Target Version set to 22.05
Actions #4

Updated by Viktor Gurov over 2 years ago

  • Status changed from Pull Request Review to Feedback
  • % Done changed from 0 to 100
Actions #5

Updated by Jim Pingle over 2 years ago

  • Target version changed from CE-Next to 2.7.0
Actions #6

Updated by Jim Pingle over 2 years ago

  • Status changed from Feedback to Resolved

I can't find any way to reproduce the original issue here, but the code in the change is solid, the scope is removed as it should be.

Actions

Also available in: Atom PDF