Actions
Bug #12792
closedAutomatic Outbound NAT rules do not include OpenVPN CSO entries
Start date:
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
22.05
Release Notes:
Default
Affected Version:
2.5.2
Affected Architecture:
Description
filter_nat_rules_automatic_tonathosts()
generate NAT rules only for OpenVPN Client and Server tunnel networks:
https://github.com/pfsense/pfsense/blob/master/src/etc/inc/filter.inc#L1808-L1825
/* add openvpn interfaces */
if (is_array($config['openvpn']['openvpn-server'])) {
foreach ($config['openvpn']['openvpn-server'] as $ovpnsrv) {
if (!isset($ovpnsrv['disable']) && !empty($ovpnsrv['tunnel_network'])) {
$tonathosts[] = implode('/', openvpn_gen_tunnel_network($ovpnsrv['tunnel_network']));
$descriptions[] = gettext("OpenVPN server");
}
}
}
if (is_array($config['openvpn']['openvpn-client'])) {
foreach ($config['openvpn']['openvpn-client'] as $ovpncli) {
if (!isset($ovpncli['disable']) && !empty($ovpncli['tunnel_network'])) {
$tonathosts[] = implode('/', openvpn_gen_tunnel_network($ovpncli['tunnel_network']));
$descriptions[] = gettext("OpenVPN client");
}
}
}
the code to implement this can be taken from https://github.com/pfsense/FreeBSD-ports/pull/1135/commits/3f6f85763d801a5b4a2dd9dab77fe578ee358668
Updated by Viktor Gurov almost 3 years ago
Updated by Jim Pingle almost 3 years ago
- Status changed from New to Pull Request Review
- Target version set to 2.7.0
- Plus Target Version set to 22.05
Updated by Viktor Gurov almost 3 years ago
- Status changed from Pull Request Review to Feedback
- % Done changed from 0 to 100
Applied in changeset 5462da2a3e3e2a7a04d2efec66a66820145f7808.
Updated by Danilo Zrenjanin almost 3 years ago
- Status changed from Feedback to Resolved
Tested on:
2.7.0-DEVELOPMENT (amd64) built on Sat Mar 19 06:21:02 UTC 2022 FreeBSD 12.3-STABLE
CSO tunnel networks get automatically added by the Automatic outbound NAT rule generation.
Ticket resolved.
Updated by Jim Pingle almost 3 years ago
- Subject changed from Automatic Outbound NAT rules does not include OpenVPN CSO entries to Automatic Outbound NAT rules do not include OpenVPN CSO entries
Updating subject for release notes.
Actions