Project

General

Profile

Actions

Bug #14655

open

NAT behind a WAN rule" and "!WAN rule"

Added by Andre Lopez Araujo over 1 year ago. Updated over 1 year ago.

Status:
Confirmed
Priority:
Normal
Assignee:
-
Category:
NAT Reflection
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default
Affected Version:
2.7.0
Affected Architecture:
amd64

Description

Good morning,

I just set up a DMZ NAT for everything that is not a WAN Net, but when creating another NAT with the same rules, except for the source, which should be WAN Net, it says it's duplicated, showing the message "The destination port range overlaps with an existing entry."


Files

Actions #1

Updated by Andre Lopez Araujo over 1 year ago

Im wanting about different NATs with the same ports

Actions #2

Updated by Christopher Cope over 1 year ago

  • Status changed from New to Confirmed

I can confirm this behavior on

23.05.1-RELEASE (amd64)
built on Wed Jun 28 03:57:27 UTC 2023
FreeBSD 14.0-CURRENT

The input validation currently treats an inverted source or destination as identical to the non inverted counterparts.

For now, there is a simple, and arguably better, way to accomplish the same thing by specifying the WAN net rule first and then following it with a rule using any as the source, as any traffic that doesn't match WAN net will be equivalent to !WAN net.

Actions

Also available in: Atom PDF