Bug #2338
closed
outbound NAT rules rewrite themselves if active interface is deleted
100%
Description
To recreate:
1. Configure a working system with WAN, LAN, OPTx
2. Disable Automatic Outbound NAT and delete the automatically created rules
3. Create an outbound NAT rule on interface OPTx, source: LAN subnet
At this point you should have straight routing between LAN and WAN, and LAN>OPT1 should be NATed.
4. Now disable and delete the OPT1 interface
At this point the outbound NAT rule you created will rewrite itself. In my case it changed from OPTx interface to WAN, so my LAN hosts were now being NATed to WAN, breaking cPanel licensing and locking out inbound access for LAN hosts. A better behaviour would be to create an error when the user attempts to delete an interface that is active in outbound NAT, or automatically disable any affected NAT rules.
Updated by Chris Buechler over 12 years ago
- Category set to Rules / NAT
- Target version set to 2.1
- Affected Architecture added
- Affected Architecture deleted (amd64)
The issue is it removes the interface from the outbound NAT rule and then assumes WAN when there is no interface. Deleting an interface shouldn't touch its outbound NAT rules, and an outbound NAT rule that has no interface should likely be skipped and not assumed as WAN (though if that happens in other scenarios it may cause regressions for existing configs).
Updated by Renato Botelho almost 12 years ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset e99ba2d66e915904626fd90ecc87711169189bdc.
Updated by Renato Botelho almost 12 years ago
- Status changed from Feedback to Resolved
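The check discussed in this report, sketched as an added example that is not part of the original ticket or of the project's code: it audits a configuration for outbound NAT rules whose interface is missing or no longer defined, and skips them instead of falling back to WAN. The XML layout, element names and the function `audit_outbound_nat` are assumptions made for illustration, and the sample config is constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample: element names are an assumed, simplified layout,
# not copied from a real firewall configuration.
SAMPLE_CONFIG = """\
<config>
  <interfaces>
    <wan><if>em0</if></wan>
    <lan><if>em1</if></lan>
  </interfaces>
  <nat>
    <outbound>
      <rule><interface>wan</interface><descr>LAN to WAN</descr></rule>
      <rule><interface>opt1</interface><descr>LAN to OPT1</descr></rule>
      <rule><interface></interface><descr>interface removed</descr></rule>
      <rule><descr>no interface element</descr></rule>
    </outbound>
  </nat>
</config>
"""

def audit_outbound_nat(config_xml):
    """Split outbound NAT rules into (usable, skipped).

    A rule is usable only if it names an interface that is still defined.
    Rules with a missing, empty or dangling interface are skipped and
    reported; they are never silently bound to WAN.
    """
    root = ET.fromstring(config_xml)
    ifaces_node = root.find("interfaces")
    defined = {child.tag for child in ifaces_node} if ifaces_node is not None else set()
    usable, skipped = [], []
    for rule in root.findall("./nat/outbound/rule"):
        descr = (rule.findtext("descr") or "").strip()
        iface = (rule.findtext("interface") or "").strip()
        if not iface:
            skipped.append((descr, "no interface set"))
        elif iface not in defined:
            skipped.append((descr, f"interface '{iface}' is not defined"))
        else:
            usable.append((descr, iface))
    return usable, skipped

if __name__ == "__main__":
    usable, skipped = audit_outbound_nat(SAMPLE_CONFIG)
    for descr, iface in usable:
        print(f"OK    {descr}: {iface}")
    for descr, reason in skipped:
        print(f"SKIP  {descr}: {reason}")
```

Run before and after removing an interface, a difference in the skipped list shows which NAT rules the change would orphan.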