Bug #16250: Firewall rules with an interface address for the NAT64 source always use the interface itself - pfSense - pfSense bugtracker

Actions

Copy link

Bug #16250

closed

Firewall rules with an interface address for the NAT64 source always use the interface itself

Added by Marcos M 3 months ago. Updated 2 months ago.

Status:

Resolved

Priority:

Normal

Assignee:

Marcos M

Category:

Rules / NAT

Target version:

2.8.1

Start date:

Due date:

% Done:

100%

Estimated time:

Plus Target Version:

25.07

Release Notes:

Default

Affected Version:

2.8.0

Affected Architecture:

Description

NAT64 rules with the NAT64 source set to <interface> address always reference the interface of that address. For example if the NAT64 source is set to OPT1 address (i.e. opt1ip), the rule is generated as follows:

@100 pass in quick on mvneta1.229 inet6 from <OPT4__NETWORK:1> to 64:ff9b::c0a8:100/120 flags S/SA keep state (if-bound) label "USER_RULE: Test NAT64 rule" label "id:1749511336" ridentifier 1749511336 af-to inet from (mvneta1.229)

The part af-to inet from (mvneta1.229) should instead be af-to inet from 192.168.220.1.

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Bug #16250

Firewall rules with an interface address for the NAT64 source always use the interface itself

Updated by Marcos M 3 months ago

Updated by Marcos M 3 months ago

Updated by Georgiy Tyutyunnik 3 months ago

Updated by Jim Pingle 2 months ago

Updated by Jim Pingle 2 months ago