Bug #12168

closed

1:1 NAT rule with internal IP address of "Any" results in an invalid firewall rule

Added by Marcos M over 3 years ago. Updated about 3 years ago.

Status: Resolved
Priority: Normal
Assignee: Viktor Gurov
Category: Rules / NAT
Target version:
Start date: 07/26/2021
Due date:
% Done: 0%
Estimated time:
Plus Target Version: 22.01
Release Notes: Default
Affected Version: 2.5.2
Affected Architecture:

Description

  1. Create a new 1:1 NAT rule
  2. Choose interface / external subnet IP
  3. Select Any for Internal IP
  4. Save/Apply

Result:

There were error(s) loading the rules: /tmp/rules.debug:45: syntax error - The line in question reads [45]: binat on vmx0 inet from  to any -> 10.0.5.215

On previous pfSense versions, a "valid" rule would be created as: binat on vmx0 inet from any to any -> 10.0.5.215

If from any is invalid, then the rule should be disabled on upgrade, and input validation should catch it when it gets saved/re-enabled by the user. If it's supposed to be valid to account for a niche case, then the resulting pf rule should be valid.
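
A check for the failure described in this report, as an added example that is not pfSense code or part of the original report: it scans a generated ruleset for `binat` lines where `from` or `to` has no address after it. The function names and the sample ruleset are assumptions; the sample is constructed from the two rule lines quoted above plus made-up neighbours.

```shell
#!/bin/sh
# Added example, not pfSense code: flag binat rules with a missing
# source or destination address in a generated pf ruleset.

# check_binat FILE: print "LINENO: rule" for each malformed binat line.
check_binat() {
    awk '
    $1 == "binat" {
        bad = 0
        for (i = 2; i <= NF; i++) {
            # "from" must be followed by an address, not the "to" keyword
            if ($i == "from" && (i == NF || $(i + 1) == "to")) bad = 1
            # "to" must be followed by an address, not the "->" arrow
            if ($i == "to" && (i == NF || $(i + 1) == "->")) bad = 1
        }
        if (bad) print NR ": " $0
    }' "$1"
}

# make_sample FILE: write a constructed ruleset. Line 1 is the form the
# report says older versions produced, line 2 is the broken form from the
# error message, lines 3 and 4 are made-up rules for contrast.
make_sample() {
    cat > "$1" <<'EOF'
binat on vmx0 inet from any to any -> 10.0.5.215
binat on vmx0 inet from  to any -> 10.0.5.215
binat on vmx0 inet from 192.168.1.10 to any -> 10.0.5.216
pass in quick on vmx0 inet from any to any
EOF
}

sample=$(mktemp)
make_sample "$sample"
check_binat "$sample"
rm -f "$sample"
```

On a live system, `pfctl -nf /tmp/rules.debug` parses the ruleset without loading it and reports the same syntax error.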
