Bill Marquette wrote:
On 1/27/06, Adam Gibson <[EMAIL PROTECTED]> wrote:
Bill Marquette wrote:
On 1/27/06, Adam Gibson <[EMAIL PROTECTED]> wrote:
Thanks for the direction. I found the static-port setting. Someone has
probably already noticed the bug but the NAT listing does not display
properly for the rule I just created(the fields are in the wrong spot in
the table but editing the rule looks like it is setup correctly). I
wont be able to test it until later tonight. This is the xml that was
generated. The UDP packets in question that originate from the OPT1
network are src=192.168.1.140 srcport=28004 dst=192.246.40.28
dstport=27650 .
Odd, I fixed that display issue a while ago, it should be in the
latest snapshot :-/
--Bill
Below is a link that shows the problem in case you want to see it. The
previous email shows the real Outbound NAT settings for it.
http://www.xstatica.com/pfsense-snapshot20060125-outbound-nat-table-problem.png
Bleh, ok, so I didn't fix this right. Thanks for reporting it. As
you mention, it's just a display issue.
--Bill
Only appears to be a rule display issue. I had to make some adjustments to the
outbound NAT rule to get it to work but it does seem to work.
I had to remove the src and dst ports and use src and dst IPs with static-port
because a pf error scrolled across the top of the pfsense web admin page saying
that static-port does not work with port ranges. Someone probably should find
out what really can and can not be used with static-port so that the correct
fields can be greyed out so that users can't select things that pf will not
work with.
The rule that works...
<advancedoutbound>
<rule>
<source>
<network>192.168.1.140/32</network>
</source>
<sourceport/>
<descr>Attempt to keep quake4 server src port static through NAT</descr>
<target/>
<interface>wan</interface>
<staticnatport/>
<destination>
<address>192.246.40.28/32</address>
</destination>
<natport/>
<dstport/>
</rule>
