Firewall - inconsistency in policy based routing rules between route-to and reply-to behaviour

[AdSchellevis]

Important notices

Before you add a new report, we ask you kindly to acknowledge the following:

• I have read the contributing guide lines at https://github.com/opnsense/core/blob/master/CONTRIBUTING.md
• I am convinced that my issue is new after having checked both open and closed issues at https://github.com/opnsense/core/issues?q=is%3Aissue

Describe the bug

The automatically generated policy based routing rules for outbound traffic use OPNsense\Firewall\Plugin()->getInterfaceGateways($interface) to determine which route-to gateway to set, this has the side affect of also enforcing this policy for gateways which aren't specifically assigned.

When looking at the generated reply-to gateways, they use OPNsense\Routing\Gateways(legacy_interfaces_details())->getInterfaceGateway($interface, $inet, true) and configure this on the interface, which explicitly excludes non-configured interfaces as gateway candidate.

To Reproduce

Create a gateway on lan, don't assign it to the interface and compare the output of:

print_r(OPNsense\Firewall\Plugin()->getInterfaceGateways("lan"));
--> newly created gateway
print_r(OPNsense\Routing\Gateways(legacy_interfaces_details())->getInterfaceGateway("lan", "inet", true))
--> empty

Expected behavior

Logically reply-to selection should match route-to (and outbound nat) as the logic behind it is similar and should match logical "wan" gateways.

Describe alternatives you considered

none

Additional context

none

Environment

Software version used and hardware type if relevant, e.g.:

OPNsense 20.7.2 (amd64, OpenSSL).