Project

General

Profile

Actions
Copy link

Bug #8437

closed

invalid outbound nat rules written when using ipv6 rules on interfaces that also have ipv4 adresses..

Added by Pi Ba about 6 years ago. Updated over 5 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Rules / NAT
Target version:
2.4.4
Start date:
04/05/2018
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4.4
Affected Architecture:
All

Description

Rules like below can be generated with the outbound-nat settings:
nat on $LANI proto icmp from fd:1:2:3::/64 to any -> 192.168.133.1/32 port 1024:65535
nat on $1WANDESCRIPTIONFORINT proto icmp from 1:2:3:4::/64 to any -> FE80::2/32 port 1024:65535

However the ipv4 ip is wrong, and also the /32 subnet on the interface ip should not happen:

fix: https://github.com/pfsense/pfsense/pull/3934

Actions
Copy link
 #1

Updated by Anonymous over 5 years ago

  • Status changed from New to 13
Actions
Copy link
 #2

Updated by Anonymous over 5 years ago

  • Assignee set to Anonymous

@sjones - Please test this PR so we can merge it and resolve this issue

https://github.com/pfsense/pfsense/pull/3934

Actions
Copy link
 #3

Updated by Jim Pingle over 5 years ago

  • Status changed from 13 to Feedback

PR merged

Actions
Copy link
 #4

Updated by Vladimir Lind over 5 years ago

  • Status changed from Feedback to Resolved

On 2.4.3-p1:

nat on $LAN_VLAN11 from 2607:fd48:300::/56 to any -> 192.168.51.1/32 port 1024:65535

On 2.4.4 Fri Aug 17 20:20:38 EDT 2018:

nat on $LAN inet6 from 2001:470:1f15:87b::/64 to any -> 2001:470:1f15:87b::1/128 port 1024:65535

Looks good.

Actions
Copy link

Also available in: Atom PDF