Firewall, validate port alias... wrong order, causing disabled snat rule.

2026-03-17 01:54:49 +00:00 · 2018-08-05 12:42:53 +02:00 · 2018-08-05 12:42:53 +02:00 · 188afed620
commit 188afed620
parent a435f74707
1 changed files with 1 additions and 1 deletions
--- a/src/opnsense/mvc/app/library/OPNsense/Firewall/SNatRule.php
+++ b/src/opnsense/mvc/app/library/OPNsense/Firewall/SNatRule.php
@ -98,12 +98,12 @@ class SNatRule extends Rule
            }
            foreach (array("sourceport", "dstport", "natport") as $fieldname) {
                if (!empty($rule[$fieldname]) && Util::isAlias($rule[$fieldname])) {
-                    $rule[$fieldname] = "$".$rule[$fieldname];
                    if (!Util::isAlias($rule[$fieldname], true)) {
                        // unable to map port
                        $this->log("SNAT / unable to map port ". $rule[$fieldname]. ", empty?");
                        $rule['disabled'] = true;
                    }
+                    $rule[$fieldname] = "$".$rule[$fieldname];
                }
            }
            if (!empty($rule['staticnatport']) || !empty($rule['nonat'])) {