Project

General

Profile

Actions

Bug #8575

closed

IPv6 NPt field order bug?

Added by Donn Lasher almost 6 years ago. Updated almost 6 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Rules / NAT
Target version:
Start date:
06/14/2018
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
All
Affected Architecture:
All

Description

Hoping this isn't a duplicate of 6985, but appears to be related.

Running 2.4.3_1, appears adding a new NPt creates a broken rule, which prevents loading rules with a syntax error:

There were error(s) loading the rules: /tmp/rules.debug:195: syntax error - The line in question reads [195]: binat on $HURRICANETUNNELCA inet6 from to any -> 2001:xxx:xxxx:20::/64
2018-06-14 08:57:47
There were error(s) loading the rules: /tmp/rules.debug:195: syntax error - The line in question reads [195]: binat on $HURRICANETUNNELCA inet6 from to any -> 2001:xxx:xxxx:20::/64
2018-06-14 08:57:48

Output from /tmp/rules.debug:
binat on $HURRICANETUNNELCA inet6 from to any -> 2001:xxx:xxxx:20::/64
binat on $HURRICANETUNNELCA inet6 from any to 2001:xxx:xxxx:20::/64 ->
binat on $HURRICANETUNNELWA inet6 from to any -> 2001:xxx:xxxx:20::/64
binat on $HURRICANETUNNELWA inet6 from any to 2001:xxx:xxxx:20::/64 ->

I’m guessing the “FROM” in lines 1 & 3 shouldn’t be empty. The config in the UI isn’t empty, either initially, or when I go back to edit the NPt rule.

REFERENCES:
https://forum.netgate.com/topic/131924/firewall-rules-bug/5
https://redmine.pfsense.org/issues/6985
https://redmine.pfsense.org/issues/7712

Actions

Also available in: Atom PDF