ClearFoundation Tracker - ClearOS | |||||
| View Issue Details | |||||
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0000993 | ClearOS | app-firewall - Firewall | public | 2013-02-25 20:46 | 2019-04-26 02:52 |
| Reporter | user2 | ||||
| Assigned To | |||||
| Priority | normal | Severity | tweak | Reproducibility | always |
| Status | closed | Resolution | suspended | ||
| Platform | OS | OS Version | |||
| Product Version | |||||
| Target Version | Fixed in Version | ||||
| Summary | 0000993: Access to local WAN network should be permitted even when WAN is offline | ||||
| Description | In some circumstances, access equipment directly connected to a WAN is necessary even when offline. Consider example: - WAN1 / eth1 @ 2.2.2.2 with gateway 2.2.2.1 - WAN2 / eth2 @ 3.3.3.3 with gateway 3.3.3.1 - LAN / eth3 @ 192.168.99.x If WAN1 goes offline, it should be possible to still access the gateway at 2.2.2.1. Currently, that access fails due to masquerading/routing. When WAN1 is offline, traffic from the LAN (192.168.99.x) to 2.2.2.1 is not masqueraded. When the 2.2.2.1 system sends the reply, it will sent it out its default gateway (not back to 2.2.2.2). | ||||
| Steps To Reproduce | |||||
| Additional Information | In ClearOS 5.x, the following workaround is available - add masquerading to all WAN interfaces in /etc/rc.d/rc.firewall.local. Continuing with our example, this would be: /sbin/iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE /sbin/iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE In ClearOS 6, additional work is required. The individual routing tables for external interfaces (first loop in RunMultipath()) interferes with the above workaround. To investigate. | ||||
| Tags | No tags attached. | ||||
| Relationships | |||||
| Attached Files | |||||
| Issue History | |||||
| Date Modified | Username | Field | Change | ||
| 2013-02-25 20:46 | user2 | New Issue | |||
| 2013-02-25 20:47 | user2 | Assigned To | => user2 | ||
| 2013-02-25 20:47 | user2 | Status | new => confirmed | ||
| 2013-02-25 20:49 | user2 | Additional Information Updated | bug_revision_view_page.php?rev_id=45#r45 | ||
| 2013-02-25 20:49 | user2 | Assigned To | user2 => dsokoloski | ||
| 2013-02-25 20:49 | user2 | Status | confirmed => assigned | ||
| 2013-02-25 20:56 | user2 | Description Updated | bug_revision_view_page.php?rev_id=47#r47 | ||
| 2019-04-26 02:52 | NickH | Note Added: 0011811 | |||
| 2019-04-26 02:52 | NickH | Status | assigned => closed | ||
| 2019-04-26 02:52 | NickH | Assigned To | dsokoloski => | ||
| 2019-04-26 02:52 | NickH | Resolution | open => suspended | ||
| Notes | |||||
|
|
|||||
|
|
||||