• Hello,

    I am having an issue using a port alias with particular rules and wanted to run it by the community to see if I am missing something in my understanding of port aliases.

    I have created a port alias with 1:24, 26:52, 54:586, 588:65535 for port ranges. When creating rules with TCP/UDP protocol, my goal is to use this alias to equate to "all ports except for 25, 53, and 587". So if I reject all packets against this alias, the source will still have access to 25, 53, and 587.

    Am I correct in this logic?


  • Yes.

  • Sweet! Thanks!

  • LAYER 8 Netgate

    Another way that might make more sense when someone (possibly years from now) is reading the rule set would be to make four rules:

    pass TCP 25
    pass TCP 587
    pass TCP/UDP 53
    reject any

    You could combine 25 and 587 into a port alias but not sure it's worth it for just two ports. Anyway, that's what I would do.
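
A quick way to check an "everything except" port alias like the one in the first post for off-by-one gaps before relying on it in a reject rule. This is an added example, not code from the thread or from pfSense; the function names are hypothetical, and the `low:high` range syntax is taken from the alias as posted.

```python
MAX_PORT = 65535

def parse_alias(entries):
    """Parse entries like "26:52" or "53" into sorted, merged (low, high) tuples."""
    ranges = []
    for entry in entries:
        low, _, high = entry.strip().partition(":")
        lo, hi = int(low), int(high or low)
        if not (1 <= lo <= hi <= MAX_PORT):
            raise ValueError(f"bad port range: {entry!r}")
        ranges.append((lo, hi))
    ranges.sort()
    merged = []
    for lo, hi in ranges:
        # Merge overlapping or adjacent ranges so gaps are computed once.
        if merged and lo <= merged[-1][1] + 1:
            merged[-1] = (merged[-1][0], max(merged[-1][1], hi))
        else:
            merged.append((lo, hi))
    return merged

def uncovered_ports(entries):
    """Return the ports in 1..65535 that no alias entry matches, as (low, high) gaps."""
    gaps, next_port = [], 1
    for lo, hi in parse_alias(entries):
        if lo > next_port:
            gaps.append((next_port, lo - 1))
        next_port = hi + 1
    if next_port <= MAX_PORT:
        gaps.append((next_port, MAX_PORT))
    return gaps

def complement_alias(excluded):
    """Build alias entries covering every port except those in `excluded`."""
    singles = [str(p) for p in sorted(set(excluded))]
    return [f"{lo}:{hi}" if lo != hi else str(lo)
            for lo, hi in uncovered_ports(singles)]

if __name__ == "__main__":
    alias = ["1:24", "26:52", "54:586", "588:65535"]  # alias from the first post
    print("ports the reject rule will NOT match:", uncovered_ports(alias))
    print("alias generated for 25, 53, 587:", complement_alias([25, 53, 587]))
```
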