Project

General

Profile

Bug #8437

invalid outbound nat rules written when using ipv6 rules on interfaces that also have ipv4 adresses..

Added by Pi Ba about 1 year ago. Updated 9 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Rules/NAT
Target version:
Start date:
04/05/2018
Due date:
% Done:

100%

Estimated time:
Affected Version:
2.4.4
Affected Architecture:
All

Description

Rules like below can be generated with the outbound-nat settings:
nat on $LANI proto icmp from fd:1:2:3::/64 to any -> 192.168.133.1/32 port 1024:65535
nat on $1WANDESCRIPTIONFORINT proto icmp from 1:2:3:4::/64 to any -> FE80::2/32 port 1024:65535

However the ipv4 ip is wrong, and also the /32 subnet on the interface ip should not happen:

fix: https://github.com/pfsense/pfsense/pull/3934

History

#1 Updated by Steve Beaver 10 months ago

  • Status changed from New to This Sprint

#2 Updated by Steve Beaver 10 months ago

  • Assignee set to Anonymous

@sjones - Please test this PR so we can merge it and resolve this issue

https://github.com/pfsense/pfsense/pull/3934

#3 Updated by Jim Pingle 10 months ago

  • Status changed from This Sprint to Feedback

PR merged

#4 Updated by Vladimir Lind 9 months ago

  • Status changed from Feedback to Resolved

On 2.4.3-p1:

nat on $LAN_VLAN11 from 2607:fd48:300::/56 to any -> 192.168.51.1/32 port 1024:65535

On 2.4.4 Fri Aug 17 20:20:38 EDT 2018:

nat on $LAN inet6 from 2001:470:1f15:87b::/64 to any -> 2001:470:1f15:87b::1/128 port 1024:65535

Looks good.

Also available in: Atom PDF