Page MenuHomeVyOS Platform
Create Task
Maniphest T6094

Destination Nat not Making Firewall Rules
Closed, ResolvedPublicBUG
Actions

Description

In the latest rolling release, I found that the desination NAT firewall rules were not working. Documentation says to create the following firewall rule:

foreach ($list as $item) {

set firewall ipv4 forward filter rule 10 action accept
set firewall ipv4 forward filter rule 10 connection-status nat destination
set firewall ipv4 forward filter rule 10 state new enable

  work_miracles($item);
}

However it didn't seem to work. I manually created the firewall rules and all of my DNAT started working. I had this configuration in a previous rolling release so this is a loss of functionality.

Details

Difficulty level
Easy (less than an hour)
Version
1.5-rolling-202403020021, 1.4.0-epa1
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Related Objects

Event Timeline

ImDono created this task.Mar 4 2024, 2:07 PM
Viacheslav triaged this task as High priority.Mar 4 2024, 2:12 PM
n.fort added a subscriber: n.fort.Mar 4 2024, 3:20 PM

Duplicated: https://vyos.dev/T6061

pasik added a subscriber: pasik.Mar 4 2024, 6:02 PM
n.fort added a comment.Mar 5 2024, 11:01 AM

PR: https://github.com/vyos/vyos-1x/pull/3087

n.fort changed the task status from Open to In progress.Mar 5 2024, 11:04 AM
n.fort claimed this task.
n.fort added a project: VyOS 1.4 Sagitta (1.4.0).
n.fort changed Version from 1.5-rolling-202403020021 to 1.5-rolling-202403020021, 1.4.0-epa1.
n.fort changed Issue type from Feature/functionality removal to Bug (incorrect behavior).
n.fort changed the task status from In progress to Needs testing.Mar 6 2024, 1:27 PM
n.fort closed this task as Resolved.Mar 8 2024, 11:31 AM
Viacheslav moved this task from Need Triage to Finished on the VyOS 1.5 Circinus board.Mar 9 2024, 9:38 AM