Actions
Regression #15197
closed
Outbound NAT rules using an alias without a matching address family create unexpected PF rules
Start date:
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
24.03
Release Notes:
Default
Affected Version:
Affected Architecture:
Description
Create an Outbound NAT rule with:
- Do not NAT checked
- IPv4+IPv6 for address family
- Source <interface> subnets using an interface with only IPv6
Create an Outbound NAT rule with:
- Do not NAT checked
- IPv4 for address family
- Source <interface> subnets using an interface with only IPv6
These rules result in e.g.:
no nat on $ISP1 from any to any # TEST no nat on $ISP1 inet from any to any # TEST
Instead of defaulting to a host of any, no rule should be generated.
Files
Updated by Marcos M 10 months ago
- Status changed from Waiting on Merge to Feedback
- % Done changed from 0 to 100
Applied in changeset 4f90b67bb214521e5fc554fa24e97a0b283ad8c3.
Updated by Georgiy Tyutyunnik 10 months ago
- File rulesNAT.txt rulesNAT.txt added
tested and reproduced on:
Version 24.03-DEVELOPMENT (amd64)
built on Tue Jan 23 6:00:00 UTC 2024
FreeBSD 15.0-CURRENT
patch works. relevant ruleset part before and after patch attached
Updated by Jim Pingle 10 months ago
- Subject changed from Outbound NAT rules using an alias without a matching IP family create unexpected pf rules to Outbound NAT rules using an alias without a matching address family create unexpected PF rules
Actions