Port Forwarding Bug?
-
Port forwarding does not seem to take protocol into account when checking for port conflicts, at least in my situation. If someone can replicate this, maybe it can be reported as a bug.
I have an IP alias which translates to an internal server. I want my internal server to respond to ICMP requests from the internet and I want it to receive traffic on one TCP/UDP port. If I add the ICMP NAT rule first, I get an error saying "The destination port range overlaps with an existing entry," when I attempt to add the TCP/UDP rule. If I add the ICMP rule after I have added the TCP/UDP rule, it works as expected.
If you need more information to replicate the scenario, please let me know.
I am running 2.1-Release, 64-bit.
-
So you forward icmp to say 192.168.1.14, then when you go to forward a tcp port to the same box 192.168.1.14 you get an error?
I have not seen this, and just did it and got no errors
2.1-RELEASE (i386)
built on Wed Sep 11 18:16:50 EDT 2013
FreeBSD 8.3-RELEASE-p11I can create an alias first for the host, and try again - but don't see how that would be an issue?
Did I not understand what you were doing? Was your alias for the port you were forwarding for the host you were forwarding too?
-
Sorry, I meant I'm using a virtual IP for the external IP. Alias was the wrong term. I have multiple static IPs available. No other rules are affecting my virtual IP or the specific port I am trying to forward, even on other external virtual IPs.
So you forward icmp to say 192.168.1.14, then when you go to forward a tcp port to the same box 192.168.1.14 you get an error?
That's exactly what I'm saying.
-
I can try and duplicate this - what type of virtual IP did you setup?
IP Alias, CARP, Proxy ARP, Other -
I used an IP Alias. I think that might be where the confusion came from in the terminology.
