Project

General

Profile

Actions
Copy link

Todo #13052

closed

Consolidate vpn_networks and negate_networks tables

Added by Marcos M about 2 years ago. Updated about 2 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
Rules / NAT
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default

Description

It seems currently that both vpn_networks and negate_networks end up with the same content.

table <vpn_networks> { 172.25.3.0/24  172.17.105.0/24  172.25.1.0/24 }
table <negate_networks> { 172.25.3.0/24  172.17.105.0/24  172.25.1.0/24 }

If that is indeed the case, they can be consolidated to a single table. Consideration should be given to the different options used, such as Disable Negate rules in the System / Advanced / Firewall & NAT page.

Side note: When deleting an OpenVPN Server, a filter reload is not triggered and hence the negate_networks table is not updated accordingly until the next filter reload.

Related issues

Related to Todo #13058: Add static routes and directly connected networks back to policy route negation rulesNew

Actions
Actions
Copy link

Also available in: Atom PDF