Firewall 1:1 Nat rule auto upgrade seems wrong

[opnsense-user123]

Hello:

I'm not sure why I noticed this between the 2nd and 3rd of July, as I thought I did the updates earlier. But there was a recent update that changed the syntax of my 1:1 NAT rules. There seems to be a mistake in the destination .. it was previously set to ANY but the auto-update changed it to be the same as the source IP. Here's before and after for one of them:

Code: [Select]

-    <onetoone>
-      <external>81.xxx.xxx.xxx</external>
-      <category/>
-      <descr>1:1 Nat for 3cx machine on lan</descr>
-      <interface>wan</interface>
-      <type>binat</type>
-      <source>
-        <address>192.168.1.10</address>
-      </source>
-      <destination>
-        <any>1</any>
-      </destination>
-    </onetoone>

Code: [Select]

+        <onetoone>
+          <rule uuid="362ae75b-xxxx-xxxx-a050-0a98fb27c888">
+            <enabled>1</enabled>
+            <log>0</log>
+            <sequence>1</sequence>
+            <interface>wan</interface>
+            <type>binat</type>
+            <source_net>192.168.1.10/32</source_net>
+            <source_not>0</source_not>
+            <destination_net>192.168.1.10/32</destination_net>
+            <destination_not>0</destination_not>
+            <external>81.xxx.xxx.xxx</external>
+            <natreflection/>
+            <categories/>
+            <description>1:1 Nat for 3cx machine on lan</description>
+          </rule>
+        </onetoone>
I had to manually modify the rule to change the destination back to ANY. I may have had to change the nat reflection setting also, but not sure as my debugging was not the most rigorous. Just letting you know that it seems like your script to update my rules needs a tweak. Thanks.