• Hi,

    OK, not saying this isn't me being stupid, but … my port forwarding (that was working) seems to be broken now. Here is what I have checked,

    • Checked the NAT setting -> yep, WAN Address and Port, to internal IP and port, all looks right.
    • Checked the Firewall log, and I see the traffic ... and it's blocked by the Default IPv4 deny rule. Which is very odd, as the WAN Address and port do match my NAT entry

    So in the latest build it seems that this isn't working (for me at least). Is there anything else to check, just to debug this?


  • OK, a bit more on this after some debugging …

    The aliases seem to be the main issue here. I went in and hard-coded the destination IP directly (in to NAT), and forced a reload of the filter rules (more on this below) ... then it works. But the alias should work, with a FQDN, no?

    Note also though .. the reload does not happen after "Apply" is selected - I confirmed using pfctl -sn ... they never apply. Rather, I have to manually force a "Reload Filter" ... then the rules are updated.


  • And one more observation … when using the alias, and pfctl -sn to look at the rules => there seems to be "round-robin" at the end of the rule. With the alias removed, this goes away. Perhaps it's the issue?

  • @arrmo Did you determine this was actually the aliases? I'm having similar problems with 2.4.0, but hard-coding the IP doesn't seem to resolve the issue.

    Created a new post with more details here: