Bug #12168
Closed
1:1 NAT rule with internal IP address of "Any" results in an invalid firewall rule
Start date: 07/26/2021
Due date:
% Done: 0%
Estimated time:
Plus Target Version: 22.01
Release Notes: Default
Affected Version: 2.5.2
Affected Architecture:
Description
- Create a new 1:1 NAT rule
- Choose interface / external subnet IP
- Select "Any" for Internal IP
- Save/Apply
Result:
There were error(s) loading the rules: /tmp/rules.debug:45: syntax error - The line in question reads [45]: binat on vmx0 inet from to any -> 10.0.5.215
On previous pfSense versions, a "valid" rule would be created as: binat on vmx0 inet from any to any -> 10.0.5.215
If from any is invalid, then the rule should be disabled on upgrade, and input validation should catch it when it gets saved/re-enabled by the user. If it's supposed to be valid to account for a niche case, then the resulting pf rule should be valid.
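The failure mode in this report, as an added example that is not pfSense code and not part of the original ticket: a generator-side check that refuses to write an empty address token, plus a lint pass that flags a binat line with no address after `from`. The function names are hypothetical, and the parser assumes only the simple `binat on <if> inet from <src> to <dst> -> <ext>` form quoted above.

```python
# Added illustration; hypothetical helpers, not pfSense source code.
KEYWORDS = {"binat", "on", "inet", "inet6", "from", "to", "->"}

def render_binat(iface, internal, external, dest="any"):
    """Build a binat line, refusing to emit an empty address token."""
    fields = {"interface": iface, "internal": internal,
              "destination": dest, "external": external}
    for name, value in fields.items():
        if value is None or not str(value).strip():
            raise ValueError(f"{name} is empty; refusing to write the rule")
    return f"binat on {iface} inet from {internal} to {dest} -> {external}"

def lint_binat(line):
    """Return the problems found in one binat line (empty list if none)."""
    tok = line.split()
    if not tok or tok[0] != "binat":
        return []
    problems = []
    for kw in ("from", "to", "->"):
        if kw not in tok:
            problems.append(f"missing '{kw}'")
            continue
        i = tok.index(kw)
        nxt = tok[i + 1] if i + 1 < len(tok) else ""
        # A keyword directly after 'from'/'to'/'->' means the address is absent.
        if not nxt or nxt in KEYWORDS:
            problems.append(f"no address after '{kw}'")
    return problems

def lint_rules(text):
    """Scan a ruleset dump; return (line_number, problems) for bad binat lines."""
    hits = []
    for n, line in enumerate(text.splitlines(), start=1):
        found = lint_binat(line)
        if found:
            hits.append((n, found))
    return hits

# Constructed sample: the two binat lines quoted in this report.
SAMPLE = """\
binat on vmx0 inet from any to any -> 10.0.5.215
binat on vmx0 inet from to any -> 10.0.5.215
"""

if __name__ == "__main__":
    for n, found in lint_rules(SAMPLE):
        print(f"line {n}: {', '.join(found)}")
```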