[SOLVED] Firewall -> NAT Rules -> Aliases not working for Destination

Started by Hektor, January 25, 2016, 03:08:30 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
January 25, 2016, 03:08:30 PM Last Edit: September 18, 2016, 11:41:59 PM by franco
Hello,

when I create a firewall rule the Destination field must be typed manually. I would expect so select it from the defined Aliases? At least that would be very helpful :-)

Is this a forgotten field/bug or does it have some other good reason?

Regards
January 25, 2016, 08:58:25 PM #1
Hi Hektor,

Your defined aliases should be selectable from the "Destination" dropdown box, are you using the latest version?

Regards,

Ad
January 26, 2016, 12:20:31 AM #2
I can confirm that it works for Destination, but for "Redirect target IP" you do have to either type the Alias, or IP address.
Wouldn't it make sense to have a combination of manual entry and drop down menu there as well?
Hobbyist at home, sysadmin at work. Sometimes the first is mixed with the second.
January 26, 2016, 05:10:25 AM #3
Well,  thats a cool idea man!
January 26, 2016, 08:17:46 AM #4
I'm not sure that's a good idea, aliases can contain multiple addresses the target ip is supposed to be one (as far as I know).
January 26, 2016, 08:44:47 AM #5 Last Edit: January 26, 2016, 08:47:29 AM by weust
Alright, but how can a Destination have multiple addresses then?

Update: I see it now. Can be a Network of addresses.
Update 2: But if a Target can be only one address, then why allow specifying a Alias?. That should be disallowed then.
Hobbyist at home, sysadmin at work. Sometimes the first is mixed with the second.
January 26, 2016, 08:46:27 AM #6
if you have a net and want to redirect all traffic from a selection of hosts to one target, you should be able to do so.
January 26, 2016, 09:06:15 AM #7
Ah, OK. I can imagine something like Nagios needing that.
(hardly slept, far from awake)
Hobbyist at home, sysadmin at work. Sometimes the first is mixed with the second.
September 06, 2016, 08:25:59 AM #8
Bump.  Having no select box for existing Aliases on the "Redirect target IP" field kind of threw me for a bit.  Kept selecting my desired host/Alias in the Destination field, and it just wasn't working until I selected "Internet Address" for the Destination, then typed in my desired IP address (and later the Alias name instead) in the Redirect target IP field.

Been using pfSense too long (but not often enough), I guess.  Anyway, thanks for the tip.  What's it going to take to get the field turned into a select box, like Destination is?  A bounty, anyone?
September 06, 2016, 09:07:46 PM #9
@reliberate I just committed a change for this, if you have time to test, execute the following on your console:

Code Select

opnsense-patch d3d583ab83
September 18, 2016, 11:41:34 PM #10
This will be in 16.7.4.
Print
Go Up Pages1
User actions