Bug #12792

closed

Automatic Outbound NAT rules do not include OpenVPN CSO entries

Added by Viktor Gurov about 2 years ago. Updated about 2 years ago.

Status: Resolved
Priority: Normal
Assignee: Viktor Gurov
Category: Rules / NAT
Target version:
Start date:
Due date:
% Done: 100%
Estimated time:
Plus Target Version: 22.05
Release Notes: Default
Affected Version: 2.5.2
Affected Architecture:

Description

filter_nat_rules_automatic_tonathosts() generates NAT rules only for OpenVPN Client and Server tunnel networks:
https://github.com/pfsense/pfsense/blob/master/src/etc/inc/filter.inc#L1808-L1825


    /* add openvpn interfaces */
    if (is_array($config['openvpn']['openvpn-server'])) {
        foreach ($config['openvpn']['openvpn-server'] as $ovpnsrv) {
            if (!isset($ovpnsrv['disable']) && !empty($ovpnsrv['tunnel_network'])) {
                $tonathosts[] = implode('/', openvpn_gen_tunnel_network($ovpnsrv['tunnel_network']));
                $descriptions[] = gettext("OpenVPN server");
            }
        }
    }

    if (is_array($config['openvpn']['openvpn-client'])) {
        foreach ($config['openvpn']['openvpn-client'] as $ovpncli) {
            if (!isset($ovpncli['disable']) && !empty($ovpncli['tunnel_network'])) {
                $tonathosts[] = implode('/', openvpn_gen_tunnel_network($ovpncli['tunnel_network']));
                $descriptions[] = gettext("OpenVPN client");
            }
        }
    }

The code to implement this can be taken from https://github.com/pfsense/FreeBSD-ports/pull/1135/commits/3f6f85763d801a5b4a2dd9dab77fe578ee358668
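
As an added illustration (not part of the original report and not pfSense code), the following Python check reads a config.xml excerpt and lists CSO tunnel networks that fall outside every enabled OpenVPN server and client tunnel network, which are the only OpenVPN sources the quoted loops add. The element names mirror the `$config` keys in the snippet; `openvpn-csc`, `common_name` and the sample XML are assumptions constructed for the example.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed config.xml excerpt. Element names mirror the $config keys quoted
# above; "openvpn-csc" and "common_name" for CSO entries are assumptions.
SAMPLE_CONFIG = """\
<pfsense><openvpn>
  <openvpn-server><tunnel_network>10.8.0.0/24</tunnel_network></openvpn-server>
  <openvpn-client><tunnel_network>10.20.0.0/30</tunnel_network></openvpn-client>
  <openvpn-csc><common_name>alice</common_name><tunnel_network>10.8.0.10/24</tunnel_network></openvpn-csc>
  <openvpn-csc><common_name>branch1</common_name><tunnel_network>10.50.0.0/30</tunnel_network></openvpn-csc>
  <openvpn-csc><disable></disable><common_name>retired</common_name><tunnel_network>10.60.0.0/30</tunnel_network></openvpn-csc>
</openvpn></pfsense>
"""


def _enabled_networks(openvpn, tag):
    """Yield (entry, network) for entries that are not disabled and set a tunnel network."""
    for entry in openvpn.findall(tag):
        text = (entry.findtext("tunnel_network") or "").strip()
        if entry.find("disable") is None and text:
            yield entry, ipaddress.ip_network(text, strict=False)


def uncovered_cso_networks(config_xml):
    """Return [(common_name, network)] for enabled CSO tunnel networks that lie
    outside every enabled server/client tunnel network."""
    openvpn = ET.fromstring(config_xml).find("openvpn")
    if openvpn is None:
        return []
    covered = [net for tag in ("openvpn-server", "openvpn-client")
               for _, net in _enabled_networks(openvpn, tag)]
    missing = []
    for csc, net in _enabled_networks(openvpn, "openvpn-csc"):
        if not any(net.version == c.version and net.subnet_of(c) for c in covered):
            missing.append((csc.findtext("common_name", default=""), str(net)))
    return missing


if __name__ == "__main__":
    for name, net in uncovered_cso_networks(SAMPLE_CONFIG):
        print(f"CSO {name!r}: {net} is outside all server/client tunnel networks")
```

A reported network may still be matched by another automatic NAT source (for example a local interface subnet), so treat the output as a list of entries to review against the generated outbound NAT rules.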
