vyatta-nat: check nat rules for errors before processing them for real - vyatta-nat.git - Vyatta configuration/operational commands for NAT (mirror of https://github.com/vyos/vyatta-nat.git)

diff options

author	Alex Harpin <development@landsofshadow.co.uk>	2015-07-19 10:18:30 +0100
committer	Alex Harpin <development@landsofshadow.co.uk>	2015-07-19 10:27:34 +0100
commit	84b4345897825efd8f2ac6144f16a501f1b157e5 (patch)
tree	7a6dc7db961ff21158927eb7e6a96218ea4a1f61 /debian/changelog
parent	5d5445e1b1851e7e0a150ad53e7286f98b20b039 (diff)
download	vyatta-nat-84b4345897825efd8f2ac6144f16a501f1b157e5.tar.gz vyatta-nat-84b4345897825efd8f2ac6144f16a501f1b157e5.zip

vyatta-nat: check nat rules for errors before processing them for real

Errors in both source and destination NAT rules can cause either rules to be overwritten (completely or partially), dropped entirely, or just ending up with an inconsistent state in comparison to the current configuration. This can lead to unpredictable NAT results, which can't even be corrected by deleting all the nat rules, only a reboot will correct the issue. Checking these rules for consistency in a separate loop before they are applied allows the errors to flagged up and the commit failed before the nat table is touched. Bug #493 http://bugzilla.vyos.net/show_bug.cgi?id=493

Diffstat (limited to 'debian/changelog')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: