vyatta-nat: check nat rules for errors before processing them for real - vyatta-nat.git - Vyatta configuration/operational commands for NAT (mirror of https://github.com/vyos/vyatta-nat.git)

diff options

author	Alex Harpin <development@landsofshadow.co.uk>	2015-07-12 17:17:58 +0100
committer	Alex Harpin <development@landsofshadow.co.uk>	2015-07-12 17:17:58 +0100
commit	5f05bdd480f0de2be2d87934b9b53dab09ead9ea (patch)
tree	2bd209734c00ad4185977d97651366e4da8187af /lib/VyOS
parent	d3e02a495ed5159cd97d2230f32a1548d295f3d9 (diff)
download	vyatta-nat-5f05bdd480f0de2be2d87934b9b53dab09ead9ea.tar.gz vyatta-nat-5f05bdd480f0de2be2d87934b9b53dab09ead9ea.zip

vyatta-nat: check nat rules for errors before processing them for real

Errors in both source and destination NAT rules can cause either rules being overwritten or partially, dropped entirely or just end up with an inconsistent state in comparison to the current configuration. This can lead to unpredictable NAT results, which can't even be corrected by deleting all the nat rules, only a reboot will solve them. Checking these rules for consistency in a separate loop before they are applied allows the errors to flagged up and the commit failed before the nat table is touched. Bug #493 http://bugzilla.vyos.net/show_bug.cgi?id=493

Diffstat (limited to 'lib/VyOS')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: