Anonymous | Login | 2024-12-22 00:04 MST |
Main | My View | View Issues | Change Log | Roadmap | Repositories |
View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
ID | Project | Category | View Status | Date Submitted | Last Update | ||||
0005811 | ClearOS | app-nat-firewall - 1-to-1 NAT | public | 2015-10-29 20:49 | 2020-05-14 10:31 | ||||
Reporter | dloper | ||||||||
Assigned To | |||||||||
Priority | low | Severity | minor | Reproducibility | always | ||||
Status | closed | Resolution | suspended | ||||||
Platform | OS | OS Version | |||||||
Product Version | 7.1.0 | ||||||||
Target Version | Fixed in Version | ||||||||
Summary | 0005811: Network namespaces length in API | ||||||||
Description | Because of the new lengths that are automatically assigned to network interfaces, checks need to be put into place for resultant interface types. There is a hard limit to the network name length in linux of 15 characters. (See: http://stackoverflow.com/questions/24932172/what-length-can-a-network-interface-name-have [^]) This means that in 1:1 nat, if the originating network interface is 12 characters long or longer, it will bork and truncate. For example: en0s0p0.1001:200 will truncate to en0s0p0.1001:20 This would be a VLAN 1001 interface card on the first port on a multiport NIC that is is being added to 1:1 nat. This is the first place that this problem presents itself but it is possible for this issue to rise with other modules especially if the base NIC name is long and on a large numbered VLAN. 1:1 nat adds a colon and a three digit number starting at 200. These 4 characters means that interfaces with 12 characters or longer should be prohibited. By adding a validation check to the 1:1 nat rule creation that looks at the base name of the interface and then prohibits an add if the base nic is greater than 11 characters with the message: "Base NIC name ($nic) length is too long. Use shorter NIC name or convert NIC to alias 'netwkX' name." | ||||||||
Additional Information | The nic designation of 'netwk' is being added to the interface list so that individuals can alias NIC names using the 'net.ifnames=0' kernel directive with a modification to the /etc/udev/rules.d/70-persistent-net.rules, with an entry such as: SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="01:02:03:04:05:06", ATTR{type}=="1", KERNEL=="eth*", NAME="netwk0" | ||||||||
Tags | No tags attached. | ||||||||
Attached Files | |||||||||
Notes | |
(0014401) NickH (developer) 2020-05-14 10:31 |
Migrated to https://gitlab.com/clearos/clearfoundation/app-nat-firewall/-/issues/8 [^] |
Issue History | |||
Date Modified | Username | Field | Change |
2015-10-29 20:49 | dloper | New Issue | |
2015-10-29 21:59 | user2 | Status | new => confirmed |
2015-10-29 21:59 | user2 | Target Version | 7.2.0 Beta 1 => |
2020-05-14 10:31 | NickH | Note Added: 0014401 | |
2020-05-14 10:31 | NickH | Status | confirmed => closed |
2020-05-14 10:31 | NickH | Resolution | open => suspended |