NethServer / nethsecurity

NethSecurity image and build environment
https://www.nethsecurity.org/

MultiWAN: add sticky option in rules #581

Closed gsanchietti closed 4 months ago

gsanchietti commented 5 months ago

On the multiwan UI, it would be useful to have the sticky option available in the rules drawer. This option is typically used with HTTPS traffic and ensures persistence of connections on the same WAN (e.g., to prevent WAN switching when connecting to banks and/or similar services); it has a default timeout of 10 minutes.


Default value: sticky disabled

Tooltip suggestion: Allow traffic from the same source IP address to use same WAN interface as prior session (default timeout: 10 minutes).
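A simplified model of the sticky behaviour requested above, as an added example that is not part of the original issue and is not mwan3 or NethSecurity code. The names `StickyRule`, `select_wan` and `wans_seen` and the sample addresses are hypothetical; round-robin stands in for the policy's balancing, and restarting the timer on every new connection is an assumption of the model.

```python
# Simplified model of a sticky multi-WAN rule (added example, not mwan3 or NethSecurity code).
from itertools import cycle

STICKY_TIMEOUT = 600  # seconds; the 10-minute default quoted in the issue


class StickyRule:
    """Balance new connections across WANs, optionally pinning each source IP."""

    def __init__(self, wans, sticky=False, timeout=STICKY_TIMEOUT):
        self._next_wan = cycle(wans)   # hypothetical stand-in for the policy's load balancing
        self.sticky = sticky
        self.timeout = timeout
        self._pinned = {}              # source IP -> (wan, time last seen)

    def select_wan(self, src_ip, now):
        """Return the WAN used by a new connection from src_ip at time `now` (seconds)."""
        if not self.sticky:
            return next(self._next_wan)
        entry = self._pinned.get(src_ip)
        if entry and now - entry[1] < self.timeout:
            wan = entry[0]              # still inside the window: reuse the same WAN
        else:
            wan = next(self._next_wan)  # no entry, or it expired: balance again
        # Assumption of this model: every new connection restarts the timer.
        self._pinned[src_ip] = (wan, now)
        return wan


def wans_seen(rule, connections):
    """Return the WANs chosen for a list of (src_ip, time) pairs, in order."""
    return [rule.select_wan(ip, t) for ip, t in connections]


# Constructed sample: one client opening four HTTPS connections to the same site.
SESSION = [("192.0.2.10", 0), ("192.0.2.10", 30), ("192.0.2.10", 200), ("192.0.2.10", 900)]

if __name__ == "__main__":
    # Without sticky the site sees the client arrive from alternating WAN addresses.
    print("sticky off:", wans_seen(StickyRule(["wan1", "wan2"]), SESSION))
    # With sticky the client stays on one WAN until 600 s pass without a new connection.
    print("sticky on: ", wans_seen(StickyRule(["wan1", "wan2"], sticky=True), SESSION))
```

The last connection in the sample arrives 700 seconds after the previous one, so the pin has expired and the rule balances again.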

stephdl commented 5 months ago

https://openwrt.org/docs/guide-user/network/wan/multiwan/mwan3#rule_configuration

gsanchietti commented 4 months ago

Testing image: 8-23.05.3-ns.1.0.1-10-g168db29

stephdl commented 4 months ago

QA

use the test image

use a multi wan configuration, create a default policy, then create a rule; you have a sticky option with a toggle

verify the sticky option is propagated to the CLI; you can enable and disable it

echo '{}' | /usr/libexec/rpcd/ns.mwan call index_rules | jq

cotosso commented 4 months ago

Tested and working as expected, rule created from web UI.

root@NethSec:~# echo '{}' | /usr/libexec/rpcd/ns.mwan call index_rules | jq
{
  "values": [
    {
      "name": "ns_rule1",
      "policy": {
        "name": "ns_test1",
        "label": "test1"
      },
      "label": "rule1",
      "protocol": "tcp",
      "destination_port": "443",
      "sticky": true
    },
    {
      "name": "ns_default_rule",
      "policy": {
        "name": "ns_default",
        "label": "Default"
      },
      "label": "Default Rule",
      "sticky": false
    }
  ]
}