OPNsense Forum

Archive => 15.7 Legacy Series => Topic started by: Hektor on January 25, 2016, 03:08:30 pm

Title: [SOLVED] Firewall -> NAT Rules -> Aliases not working for Destination
Post by: Hektor on January 25, 2016, 03:08:30 pm

Hello,

when I create a firewall rule the Destination field must be typed manually. I would expect so select it from the defined Aliases? At least that would be very helpful :-)

Is this a forgotten field/bug or does it have some other good reason?

Regards

Title: Re: Firewall -> NAT Rules -> Aliases not working for Destination
Post by: AdSchellevis on January 25, 2016, 08:58:25 pm

Hi Hektor,

Your defined aliases should be selectable from the "Destination" dropdown box, are you using the latest version?

Regards,

Ad

Title: Re: Firewall -> NAT Rules -> Aliases not working for Destination
Post by: weust on January 26, 2016, 12:20:31 am

I can confirm that it works for Destination, but for "Redirect target IP" you do have to either type the Alias, or IP address.
Wouldn't it make sense to have a combination of manual entry and drop down menu there as well?

Title: Re: Firewall -> NAT Rules -> Aliases not working for Destination
Post by: cdburgess75 on January 26, 2016, 05:10:25 am

Well,  thats a cool idea man!

Title: Re: Firewall -> NAT Rules -> Aliases not working for Destination
Post by: AdSchellevis on January 26, 2016, 08:17:46 am

I'm not sure that's a good idea, aliases can contain multiple addresses the target ip is supposed to be one (as far as I know).

Title: Re: Firewall -> NAT Rules -> Aliases not working for Destination
Post by: weust on January 26, 2016, 08:44:47 am

Alright, but how can a Destination have multiple addresses then?

Update: I see it now. Can be a Network of addresses.
Update 2: But if a Target can be only one address, then why allow specifying a Alias?. That should be disallowed then.

Title: Re: Firewall -> NAT Rules -> Aliases not working for Destination
Post by: AdSchellevis on January 26, 2016, 08:46:27 am

if you have a net and want to redirect all traffic from a selection of hosts to one target, you should be able to do so.

Title: Re: Firewall -> NAT Rules -> Aliases not working for Destination
Post by: weust on January 26, 2016, 09:06:15 am

Ah, OK. I can imagine something like Nagios needing that.
(hardly slept, far from awake)

Title: Re: Firewall -> NAT Rules -> Aliases not working for Destination
Post by: reliberate on September 06, 2016, 08:25:59 am

Bump.  Having no select box for existing Aliases on the "Redirect target IP" field kind of threw me for a bit.  Kept selecting my desired host/Alias in the Destination field, and it just wasn't working until I selected "Internet Address" for the Destination, then typed in my desired IP address (and later the Alias name instead) in the Redirect target IP field.

Been using pfSense too long (but not often enough), I guess.  Anyway, thanks for the tip.  What's it going to take to get the field turned into a select box, like Destination is?  A bounty, anyone?

Title: Re: Firewall -> NAT Rules -> Aliases not working for Destination
Post by: AdSchellevis on September 06, 2016, 09:07:46 pm

@reliberate I just committed a change for this, if you have time to test, execute the following on your console:

Code: [Select]

opnsense-patch d3d583ab83


Title: Re: Firewall -> NAT Rules -> Aliases not working for Destination
Post by: franco on September 18, 2016, 11:41:34 pm

This will be in 16.7.4.