[Bug]: Netmaker doesn't send egress ACLs to gateways

[stackrainbow]

Contact Details

No response

What happened?

Hello,

I'm currently seeing that gateway machines are blocking traffic destined to egress routes from clients authorised to use them.

The cause of this seems to be that the gateway is not populated with the egress ACL routes in iptables and as a result, traffic to the egress route hits the DROP rule at the bottom of NETMAKER-ACL-IN.

This is evident if you try to make a config file client to a gateway, or route a machine which does not have entire network access (so a 0.0.0.0/0 rule is not created) but does have access to the egress route through a gateway instead of direct.

Version

v1.4.0

What OS are you using?

No response

Relevant log output

Contributing guidelines

• Yes, I did.

[Mejdii]

Hi @stackrainbow ,

Thanks for reporting this. I tried to reproduce the issue on my setup but didn’t see the drop you described.
Could you clarify:

1. Which client or node IP(s) are affected.
2. The exact egress subnet or destination you’re trying to reach.
3. A screenshot of the ACLs page showing the relevant rules.
4. iptables output from the gateway.

This will help us reproduce the issue accurately and investigate further.

Thanks,
Majdi