NAT Rule Inconsistent behaviour on 2.0-RC1 (i386) and MLDONKEY
-
I have created a number of port forwards for bit torrent and MLDonkey traffic from WAN to OPT1
Bit Torrent is NAT 1 Rule
MLDonkey is NAT 2 Rule

Port Forward NAT Rules
        If   Proto    Src.addr  Src.ports  Dest. addr  Dest. ports  NAT IP       NAT Ports
Nat 1:  WAN  TCP/UDP  *         *          OPT1 net    6881 - 6884  192.168.3.2  6881 - 6884
Nat 2:  WAN  TCP      *         *          WAN net     16662        192.168.3.2  16662

The above rule works and has created an associated firewall rule in the rules section
Port Forward NAT Rules
        Proto    Source  Port  Destination  Port         Gateway  Queue  Schedule
F/W 1:  TCP/UDP  *       *     192.168.3.2  6881 - 6884  *        none
F/W 2:  TCP      *       *     192.168.3.2  16662        *        none

MLDonkey porttest reports OK for this configuration.
I've read the manual and I still don't understand the following:
- Why does the firewall rule F/W 2 associated with NAT 2 block traffic (reports the block on a proto value = TCP:S) if the Destination Address is changed from WAN or ANY to OPT1 net but the NAT 1 rule works using OPT1 net?
Any assistance to understand why there is a different behavior would be greatly appreciated
-
Destination should be "WAN address" only, never anything else unless you have multiple public IPs. I updated this page with more info on how that works in 2.0.
http://doc.pfsense.org/index.php/How_can_I_forward_ports_with_pfSense%3F