Firewall rules error

diegonix · July 13, 2016, 09:20:37 PM

Hello,

Invalid configuration when creating Firewall rule. The intention was to redirect all IPv6 DNS queries to internal DNS forwarders, since some device came with DNS fixed.

Firewall Logs:

Code Select

There were error(s) loading the rules: /tmp/rules.debug:66: rule expands to no 
valid combination - The line in question reads [66]: nat on em0 proto tcp from 192.168.0.1/24 to
 2001:xxx:x:8xx::1 port 53 -> (em0)

fabian · July 13, 2016, 10:07:21 PM

this looks like a nat rule where the source is IPv4 and the destination is IPv6

diegonix · July 13, 2016, 11:00:12 PM

Yes, this was a feedback to prevent user from doing this and maybe add validation logic in GUI.

Code Select

/tmp/rules.debug:
nat on em0 proto tcp from 192.168.1.0/24 to 2001:4xxx:x:xxx::1 port 53 -> (em0)

Firewall rules error

diegonix

July 13, 2016, 09:20:37 PM

fabian

July 13, 2016, 10:07:21 PM #1

diegonix

July 13, 2016, 11:00:12 PM #2