Actions
Regression #14415
closed
Enable IPv6 over IPv4 tunneling option results in invalid PF rule
Start date:
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
23.05.1
Release Notes:
Default
Affected Version:
Affected Architecture:
Description
Enabling "Enable IPv6 over IPv4 tunneling" on system_advanced_network.php results in an invalid pf rule, leading to a ruleset error:
There were error(s) loading the rules: /tmp/rules.debug:59: syntax error - The line in question reads [59]: rdr on $WAN proto ipv6 from any to any -> @ 2023-05-25 10:07:58
The line in question is invalid as it lacks a destination:
59:rdr on $WAN proto ipv6 from any to any ->
The target system is in the config.xml and shows on system_advanced_network.php but it isn't making it into the ruleset.
It appears to be due to one variable missing a letter in filter.inc:
diff --git a/src/etc/inc/filter.inc b/src/etc/inc/filter.inc
index 7063798529..255af0903c 100644
--- a/src/etc/inc/filter.inc
+++ b/src/etc/inc/filter.inc
@@ -2490,7 +2490,7 @@ function filter_nat_rules_generate() {
(is_ipaddr($ipv6nataddr)) &&
(is_array($FilterIflist['wan']))) {
/* XXX: FIX ME! IPV6 */
- $natrules .= "rdr on \${$FilterIflist['wan']['descr']} proto ipv6 from any to any -> {$pv6nataddr}\n";
+ $natrules .= "rdr on \${$FilterIflist['wan']['descr']} proto ipv6 from any to any -> {$ipv6nataddr}\n";
}
unlink_if_exists("{$g['varetc_path']}/xinetd.conf");
This affects both 23.05 and 23.01.
Updated by 
Updated by
Actions