1 to 1 NAT allows entry of mixed IP addresses
When adding a 1:1 NAT entry it is possible to enter a mix of IPv4 and IPv6 addresses in the various External Internal and Destination IP boxes, which is not caught by the validation. Thus getting "error loading the rules", such as this example rubbish that I entered to get the message:
/rc.filter_configure_sync: New alert found: There were error(s) loading the rules: /tmp/rules.debug:45: binat ip versions must match - The line in question reads : binat on em0 from 188.8.131.52 to aaaa::4/31 -> bbbb::0
I guess it should make sure all the addresses are of one IP address family.
Updated by Jim Pingle almost 7 years ago
- Status changed from Feedback to Resolved
- Assignee set to Phillip Davis
- Target version set to 2.4.0
Yes, this should have a 2.4 target. And it's already been tested, but I tested it again on a current snapshot and it's correctly validating.