PacketFence
Bug Tracking System
Main | My View | View Issues | Change Log | Roadmap
  

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0001401PacketFenceconfigurationpublic2012-03-15 10:532015-02-18 10:59
Reporterfgaudreault 
Assigned To 
PrioritylowSeveritytweakReproducibilityN/A
StatusclosedResolutionopen 
PlatformOSOS Version
Product Version3.2.0 
Target Version3.6.1Fixed in Version 
Summary0001401: Add DNAT iptables rules for DNS in registration
DescriptionIn VLAN mode, we should add DNAT statements in the input-vlan chain to redirect static DNS traffic to our DNS server.

ie. A user have DNS configured manually in its config, we would blackhole him correctly without have to change its settings

Reported by Rich Graves @ Carleton College
Additional InformationIPT lines :
-A PREROUTING -s (quarantine net) ! -d (quarantine if) -p udp --dport 53 -j DNAT --to-destination (quarantine if)
-A PREROUTING -s (isolation net) ! -d (isolation if) -p udp --dport 53 -j DNAT --to-destination (isolation if)
TagsNo tags attached.
fixed in git revision
fixed in mtn revision
Attached Files

- Relationships

-  Notes
(0003909)
lmunro (administrator)
2015-02-18 10:59

 Obsolete bug tracker entries.
PF 4 introduced changes that either make these irrelevant or impossible to reproduce.

New issues are moving to github issues.

- Issue History
Date Modified Username Field Change
2012-03-15 10:53 fgaudreault New Issue
2012-10-19 12:19 fgaudreault Target Version => general
2012-10-26 16:18 fgaudreault Target Version general => 3.6.1
2015-02-18 10:59 lmunro Note Added: 0003909
2015-02-18 10:59 lmunro Status new => closed

Copyright © 2000 - 2012 MantisBT Group
Powered by Mantis Bugtracker