Bug #6472
Disabling NAT (port forward) rule does not disable the associated firewall rule
100%
Description
As per subject. Worked just fine with 2.2.x.
NAT:
Firewall rule:
# pfctl -vvsr | grep ActiveSync @248(1418347164) pass in quick on igb1 reply-to (igb1 188.xx.xx.xx) inet proto tcp from any to 10.0.0.10 port = https flags S/SA keep state label "USER_RULE: NAT Mailserver ActiveSync"
Associated revisions
Ticket #6472: Add toggle_id
Introduce toggle_id() used to enable/disable associated firewall rules
Ticket #6472: Respect disabled field
Respect disabled field when creating firewall associated rule
Fix #6472: Enable/Disable associated firewall rule when NAT rule changes
Ticket #6472: Add toggle_id
Introduce toggle_id() used to enable/disable associated firewall rules
Ticket #6472: Respect disabled field
Respect disabled field when creating firewall associated rule
Fix #6472: Enable/Disable associated firewall rule when NAT rule changes
History
#1
Updated by Chris Buechler over 1 year ago
- Category changed from Web Interface to Rules/NAT
- Status changed from New to Confirmed
- Affected version changed from 2.3.x to All
It never has. Rule doesn't do anything since there's no matching NAT. I thought there was already a ticket for this, but can't seem to find one.
#2
Updated by Chris Buechler about 1 year ago
- Target version changed from 2.3.2 to 2.4.0
#3
Updated by Renato Botelho 10 months ago
- Assignee set to Renato Botelho
#4
Updated by Renato Botelho 10 months ago
- Status changed from Confirmed to Feedback
- % Done changed from 0 to 100
Applied in changeset be1bc233931122a67821bee7e02778f7c5138779.
#5
Updated by Jim Pingle 9 months ago
- Status changed from Feedback to Resolved
Works, associated rules are toggled together with the NAT rule when the NAT rule is changed.
#6
Updated by Jim Pingle 7 months ago
- Target version changed from 2.4.0 to 2.3.3