Opened 7 years ago

Last modified 4 years ago

#8681 new defect

Port redirection blocks outgoing connections

Reported by: jbscience87@…
Owned by: developers
Priority: normal
Milestone: Barrier Breaker 14.07
Component: base system
Version: Trunk
Keywords: Firewall
Cc:

Description

Running trunk: 25042
A port redirect sending port 443 from the wan zone to a different port on the internal network is also capturing outbound traffic on port 443. My example from /etc/config/firewall:

config 'redirect'
        option '_name' 'vpn'
        option 'src' 'wan'
        option 'proto' 'tcpudp'
        option 'src_dport' '443'
        option 'dest_ip' '10.0.1.221'
        option 'dest_port' '1194'
        option 'target' 'DNAT'
        option 'dest' 'lan'

The intention is to redirect incoming requests to a port on an internal machine. To my surprise, I am unable to connect to any secure web pages from within my network. The redirect does actually work, but is unusable in its current state.

~Jonathan Bennett

Change History (3)

comment:1 Changed 7 years ago by jow

Try setting "option reflection 0", does it change anything?

comment:2 Changed 7 years ago by Jonathan Bennett <jbscience87@…>

This is strange. I added the rule back, including your suggested fix. It worked. The strange part, though, is that it now works without that option. I am currently unable to reproduce the bug. Feel free to close the ticket, and I'll re-open if I run into it again.

comment:3 Changed 4 years ago by jow

  • Milestone changed from Attitude Adjustment 12.09 to Barrier Breaker 14.07

Milestone Attitude Adjustment 12.09 deleted
