Actions
Regression #15024
closedInvalid outbound NAT rules break the following rule
Start date:
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
23.09.1
Release Notes:
Default
Affected Version:
2.7.1
Affected Architecture:
All
Description
Manual outbound NAT rules are commented out in the ruleset if they are invalid such as when he interface is disabled:
# Missing interface 'opt1' for rule 'Test'
However in 2.7.1 the following rule runs on immediately omitting it from the rules:
# Missing interface 'opt1' for rule 'Test'nat on $SWITCH inet proto tcp from $OPT3__NETWORK to any -> 192.168.70.1/32 port 443 # Test2
Updated by Steve Wheeler about 1 year ago
In my test case the rule is added twice:
# Outbound NAT rules (manual) nat on $SWITCH inet from 172.21.16.0/24 to 192.168.1.0/24 -> 192.168.70.1/32 port 1024:65535 # Temp AP access nat on $SWITCH inet from 172.21.16.0/24 to 10.232.209.0/24 -> 10.232.209.10/32 port 1024:65535 # Temp AP access # Missing interface 'opt1' for rule 'Test'nat on $SWITCH inet proto tcp from $OPT3__NETWORK to any -> 192.168.70.1/32 port 443 # Test2 nat on $SWITCH inet6 proto tcp from $OPT3__NETWORK to any -> (igb3) port 443 # Test2
But is not for other reported cases:
https://forum.netgate.com/topic/184251/routing-interface-gateway-issues-after-updating-from-ce-2-7-2-71/
Updated by Marcos M about 1 year ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset b7f2b1dc3f0c15c4b2b9d475848f42573c43e261.
Updated by Steve Wheeler about 1 year ago
Patch looks good:
# Outbound NAT rules (manual) nat on $SWITCH inet from 172.21.16.0/24 to 192.168.1.0/24 -> 192.168.70.1/32 port 1024:65535 # Temp AP access nat on $SWITCH inet from 172.21.16.0/24 to 10.232.209.0/24 -> 10.232.209.10/32 port 1024:65535 # Temp AP access # Missing interface 'opt1' for rule 'Test' nat on $SWITCH inet proto tcp from $OPT3__NETWORK to any -> 192.168.70.1/32 port 443 # Test2 nat on $SWITCH inet6 proto tcp from $OPT3__NETWORK to any -> (igb3) port 443 # Test2
Updated by Jim Pingle about 1 year ago
- Target version changed from 2.8.0 to 2.7.2
- Plus Target Version changed from 24.03 to 23.09.1
Actions