pfSense

I've added some further details on it. At the least, there is a typo that should be fixed.

Adding more details here; currently:

It's possible for rules with overlapping ports to be saved when the destination type is set to network because $natent['destination']['address'] can have a value of 10.0.0.0/24 while post['dst'] has a value of 10.0.0.0 (the mask is on a separate variable post['dstmask']).

There is a typo $natent['proto'], which means the != operator checks will always return true because null will never equal a defined variable. Hence, unless the protocol is set to TCP/UDP, the overlap check below this statement will never run.

There's still an issue when the selected source or destination is a special network (e.g. L2TP Clients), as well as a missing / in the checks. I have a fix ready to submit.

Potentially related issue with source traffic with video demonstrating the issue: https://redmine.pfsense.org/issues/12132

Tested the changeset and the issue for 12132 and this redmine appears to be resolved.

https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/301