Project

General

Profile

Actions

Bug #698

closed

nested network aliases problem

Added by Jesse Norell over 11 years ago. Updated over 11 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Rules / NAT
Target version:
Start date:
06/25/2010
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.0
Affected Architecture:

Description

When nesting an alias within a network alias, the default "/32" causes it to fail. You can manually change the cidr size to be empty and it works, but it would be nice to ignore that when nesting aliases.

Eg. this fails:

        <alias>
            <name>TestAlias</name>
            <address>64.187.64.40</address>
            <descr><![CDATA[Test Alias]]></descr>
            <type>host</type>
            <detail>Entry added Fri, 25 Jun 2010 13:18:28 -0600</detail>
        </alias>
        <alias>
            <name>TestNestedAlias</name>
            <address>TestAlias/32 64.187.65.178/32</address>
            <descr><![CDATA[This alias nests another alias]]></descr>
            <type>network</type>
            <detail>Entry added Fri, 25 Jun 2010 13:22:09 -0600||Entry added Fri, 25 Jun 2010 13:22:09 -0600</detail>
        </alias>

And shows this in rules.debug:

table <TestAlias> {   64.187.64.40 } 
TestAlias = "<TestAlias>" 
table <TestNestedAlias> {   64.187.65.178/32 } 
TestNestedAlias = "<TestNestedAlias>" 

While this works:

                <alias>
                        <name>TestAlias</name>
                        <address>64.187.64.40</address>
                        <descr><![CDATA[Test Alias]]></descr>
                        <type>host</type>
                        <detail>Entry added Fri, 25 Jun 2010 13:18:28 -0600</detail>
                </alias>
                <alias>
                        <name>TestNestedAlias</name>
                        <address>TestAlias 64.187.65.178</address>
                        <descr><![CDATA[This alias nests another alias]]></descr>
                        <type>network</type>
                        <detail>Entry added Fri, 25 Jun 2010 13:22:09 -0600||Entry added Fri, 25 Jun 2010 13:22:09 -0600</detail>
                </alias>

And rules.debug has:

table <TestAlias> {   64.187.64.40 } 
TestAlias = "<TestAlias>" 
table <TestNestedAlias> {    64.187.64.40  64.187.65.178 } 
TestNestedAlias = "<TestNestedAlias>" 

Actions #1

Updated by Ermal Luçi over 11 years ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100
Actions #2

Updated by Erik Fonnesbeck over 11 years ago

Note that your existing non-working configuration still won't work. The change makes it so the nested alias will never get a CIDR on it when writing the alias to the configuration, even when nesting it in a network alias, thus allowing you to nest host or network aliases in network aliases on new aliases you create.

Actions #3

Updated by Chris Buechler over 11 years ago

  • Status changed from Feedback to Resolved
Actions

Also available in: Atom PDF