Disable reply-to setting should also disable built-in route-to
adam65535 last edited by
For installations that do not use multi-wan load balancing, the auto-generated reply-to and route-to options that are applied to the rule base are really not needed. Why put them in? They can just cause problems with installations that require static routes or a routing protocol to adjust traffic flow. This is especially true for installations that do not use NAT and still want firewalling but need to switch routes between interfaces.
For multi-wan failover (not load balance) I would want the states to stay alive and get routed through the new WAN (even connections from the firewall, which are currently forced with a route-to even with the disable reply-to option set). The connections flowing through would still be valid for the new WAN. Forcing connections to a specific WAN and ignoring routing just seems like it would be the exception for most setups to me.
The same goes for gateway state killing.
Could we have another setting for disable route-to? Or maybe combine them into a setting that basically means always use the routing table?