Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Match rule with dest IP and a !port?

    Traffic Shaping
    2
    3
    616
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      markn62 last edited by

      Is there a way to define a match rule to have a destination IP and a not port (!80)?  Seems the GUI's "not" checkbox applies to the destination IP and doesn't apply to the port number, or perhaps it applies to both.  Is the only way a 2nd similar rule with a dest any, port 80, and "not" checked, located below the primary rule?

      1 Reply Last reply Reply Quote 0
      • Derelict
        Derelict LAYER 8 Netgate last edited by

        I think this has come up before and no.  Make a port alias not_80 with ranges 1-79 and 81-65535.

        Or you could do what you want to do with port 80 in a rule above what you want to do with everything else.  Just use any port in the second rule)

        Chattanooga, Tennessee, USA
        The pfSense Book is free of charge!
        DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • M
          markn62 last edited by

          Thanks Deric. Your "1:79, 81:65535" suggestion is what I was looking for.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post