[ previous ] [ next ] [ threads ]
 From:  Manuel Kasper <mk at neon1 dot net>
 To:  Andrew Eglington <aeglington at hotmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] port forwarding
 Date:  Fri, 25 Jun 2004 14:19:12 +0200
On 25.06.2004 21:29 +1000, Andrew Eglington wrote:

> Firewall: NAT: Edit - even though there is only a single "Local
> port" field,  when saved the "Firewall : NAT" rule shows a range -
> and will produce errors  if it's calculation (see below) exceeds
> 65535

That's right, I've fixed this now, so the next release won't allow
external port range/local port combinations that cause the local end
port to exceed 65535 anymore (error). Thanks for reporting this!

> ... or is it just that a range of the same size is assumed? (seems
> strange  if so).

Yes, that's the case, and I think it's not so strange at all. You
wouldn't usually want to map a range of external ports to a single
internal port. The hint text for "local port" explains what happens
with port ranges quite well, and this is the same behavior as in the
majority of commercial firewall products anyway.

- Manuel