Page MenuHomeVyOS Platform
Create Task
Maniphest T6365

Negating interface names in NAT configuration causes invalid warnings
Closed, ResolvedPublicBUG
Actions

Description

Issue description

Whenever a NAT rule with negation in the interface name is used, an invalid warning appears.

Expected behavior

No warnings appear on screen when commit is executed.

Example of such configuration

set nat destination rule 10 description 'DNS'
set nat destination rule 10 destination address 10.0.0.1
set nat destination rule 10 destination port 53
set nat destination rule 10 inbound-interface name '!eth0'  # <--- here, eth0 is negated
set nat destination rule 10 protocol 'tcp_udp'
set nat destination rule 10 translation address 172.16.0.1

Console output after commit

WARNING: NAT interface "!eth0" for destination NAT rule "10" does not exist!

Suggested fix

https://github.com/vyos/vyos-1x/pull/3482

Details

Version
1.5-rolling-202405121403
Is it a breaking change?
Perfectly compatible
Issue type
Bug (incorrect behavior)

Related Objects

Event Timeline

alryaz created this task.May 18 2024, 2:02 PM
pasik subscribed.May 18 2024, 2:34 PM
syncer triaged this task as Normal priority.May 19 2024, 8:02 AM
Restricted Repository Identity mentioned this in rVYOSONEX252ae4b0b951: Merge pull request #3482 from alryaz/patch-1.May 22 2024, 6:01 PM
c-po mentioned this in rVYOSONEX645c43ba60d2: nat: T6365: use interface_exists() over netifaces.interfaces().May 22 2024, 6:01 PM
c-po mentioned this in rVYOSONEX387024751774: nat: T6365: use string startswith() over [0] index access.
c-po mentioned this in rVYOSONEX03eae30b2743: nat: T6365: remove warnings for negated interface selections by name.
c-po changed the task status from Open to In progress.May 22 2024, 6:01 PM
c-po assigned this task to alryaz.
c-po added a project: VyOS 1.4 Sagitta (1.4.0-GA).
Restricted Repository Identity mentioned this in rVYOSONEXc64d877d2a1f: nat: T6365: remove warnings for negated interface selections by name.May 22 2024, 6:02 PM
Restricted Repository Identity mentioned this in rVYOSONEX50e7577815ca: nat: T6365: use string startswith() over [0] index access.
Restricted Repository Identity mentioned this in rVYOSONEXa2293874c80d: nat: T6365: use interface_exists() over netifaces.interfaces().
c-po subscribed.May 22 2024, 6:07 PM

https://github.com/vyos/vyos-1x/pull/3482

c-po added a comment.May 22 2024, 6:12 PM

Same issue applies to NAT66, too

https://github.com/vyos/vyos-1x/pull/3505

Restricted Repository Identity mentioned this in rVYOSONEX7279f7496698: Merge pull request #3504 from vyos/mergify/bp/sagitta/pr-3482.May 23 2024, 9:21 AM
Restricted Repository Identity mentioned this in rVYOSONEX0f551d2a1d58: Merge pull request #3505 from c-po/nat66-T6365.
c-po mentioned this in rVYOSONEX59781ff365a5: nat66: T6365: remove warnings for negated interface selections by name.May 23 2024, 9:22 AM
Restricted Repository Identity mentioned this in rVYOSONEXb1342f186c56: nat66: T6365: remove warnings for negated interface selections by name.May 23 2024, 9:23 AM
Restricted Repository Identity mentioned this in rVYOSONEXc9945d09c2ad: Merge pull request #3509 from vyos/mergify/bp/sagitta/pr-3505.May 23 2024, 9:49 AM
Giggum subscribed.Jun 25 2024, 2:09 AM

Should this ticket be closed? I see the PRs were merged more than a month ago.

Viacheslav closed this task as Resolved.Jun 25 2024, 4:24 AM
Viacheslav moved this task from Open to Finished on the VyOS 1.5 Circinus board.
Viacheslav moved this task from Need Triage to Finished on the VyOS 1.4 Sagitta (1.4.0-GA) board.