jadedeane / natanator

Unifi OS persistent network modification service

One rule is still being created in nat #5

Closed MrDick-11 closed 7 months ago

MrDick-11 commented 8 months ago

Hi! Thank you for your wonderful service. I have installed it on UDM Pro and it's working fine except for one network - 10.0.250.0. Have no idea why exactly this network, but it always comes up after removal. I get a rule like this -

```
Chain UBIOS_POSTROUTING_USER_HOOK (1 references)
num   pkts bytes target     prot opt in     out     source               destination
1    15953 1432K SNAT       all  --  any    eth8    10.0.250.0/24        anywhere             / 00000001095216660481 / to:172.16.200.2
```

I remove it with `iptables -t nat -D UBIOS_POSTROUTING_USER_HOOK 1` but it comes up another day or even this day.

MrDick-11 commented 8 months ago

upgraded script to delete snat

```sh
while true
do
    # identify MASQUERADE jump target in UBIOS_POSTROUTING_USER_HOOK chain
    # which will be added per default for UBIOS_ADDRv4_ethX (eth8/eth9) to
    # manage NAT through WAN
    rules=$(/usr/sbin/iptables -t nat -L UBIOS_POSTROUTING_USER_HOOK --line-numbers | \
            grep "MASQUERADE .* UBIOS_ADDRv4_eth.\|SNAT .*" | \
            cut -d' ' -f1)

    # for each rule identified we issue a delete operation in reverse
    # order so that UBIOS_POSTROUTING_USER_HOOK will really only contain
    # NAT rules a user manually defined in the Network UI.
    # sort -rn orders the numbers numerically, highest first; rev would
    # reverse characters and turn e.g. "12" into "21".
    for rulenum in $(echo "${rules}" | sort -rn); do
        /usr/sbin/iptables -t nat -D UBIOS_POSTROUTING_USER_HOOK "${rulenum}"
    done

    # sleep for one minute and then
    # re-evaluate because changes in the Network UI
    # could reintroduce the NAT/MASQUERADE rules
    sleep 60
done
```
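Deleting by rule number is only safe when the numbers are processed in descending numeric order, because every deletion renumbers the rules below it. The following is an added example, not part of the thread or the natanator project: it selects the SNAT and `UBIOS_ADDRv4_eth` MASQUERADE entries from a constructed listing and prints the delete commands as a dry run. The function names and the sample rules are assumptions, and the listing format is that of `iptables -L --line-numbers` without `-v`.

```shell
#!/bin/sh
# Added example: works on a constructed listing, never calls iptables.

CHAIN=UBIOS_POSTROUTING_USER_HOOK

# Constructed sample of `iptables -t nat -L $CHAIN --line-numbers`
# with 12 rules, so that two-digit rule numbers occur.
sample_listing() {
    echo "Chain ${CHAIN} (1 references)"
    echo "num  target     prot opt source               destination"
    n=1
    while [ "$n" -le 12 ]; do
        case "$n" in
            1)  echo "$n MASQUERADE all -- anywhere anywhere match-set UBIOS_ADDRv4_eth8 src" ;;
            10) echo "$n SNAT all -- 10.0.250.0/24 anywhere to:172.16.200.2" ;;
            12) echo "$n MASQUERADE all -- anywhere anywhere match-set UBIOS_ADDRv4_eth9 src" ;;
            *)  echo "$n ACCEPT all -- 192.168.$n.0/24 anywhere" ;;
        esac
        n=$((n + 1))
    done
}

# Read a listing on stdin and print the numbers of the rules to remove,
# highest first. Header lines are skipped because their first field is
# not a number. Column 2 is the target when -v is not used.
rules_to_delete() {
    awk '$1 ~ /^[0-9]+$/ &&
         ($2 == "SNAT" || ($2 == "MASQUERADE" && /UBIOS_ADDRv4_eth/)) { print $1 }' |
        sort -rn
}

# Dry run: print the delete commands instead of executing them.
# Highest number first, so earlier deletions never shift a later target.
delete_commands() {
    for rulenum in $(rules_to_delete); do
        echo "iptables -t nat -D ${CHAIN} ${rulenum}"
    done
}

sample_listing | delete_commands
```

Piping the real `iptables -t nat -L UBIOS_POSTROUTING_USER_HOOK --line-numbers` output into `delete_commands` shows what a cleanup pass would remove before anything is changed.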

jadedeane commented 7 months ago

@MrDick-11 please check latest, and feel free to create a PR and contribute. Thanks.