Destination NAT and Firewall Rules (new) after rules migration

Started by thebraz, January 23, 2026, 02:29:39 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
January 23, 2026, 02:29:39 PM
First of all...............upgrade to RC1 succeeded.
Applied all the patches mentioned in the other thread.
All the old rules migrated to new following the 5 steps of the Migration Assistant done.
OpenVPN Instance and port forwarding rules (now Destination NAT) all working (also the ones using Aliases).
Not tried the Shaper yet.

I'd have a question: in the OpenVPN section and in the WAN section of the Rules (new) I find rules that are already present in Destination NAT.
Furthemore if a rule is disabled in Destination NAT but enabled in the WAN section of Rules (new) the thing doesn't work till I enable it in Destination NAT.

I find confusing the apparent "duplication" of rules, could someone please help me clarifyng the function of the two section and why rules are present in both?

Thanks in advance
January 23, 2026, 05:17:58 PM #1
One rule performs the NAT and the second permits the resulting traffic. With the previous system, it was a NAT port forward rule and a (potentially auto-managed) firewall rule.

I have not tried 26.1RC yet. But I have a feeling, with the way I've set up NAT and FW under 25.7, a straight forward migration will not be possible. For example, the change in the priority of floating rules on single interfaces and the lack of auto/associated firewall rules for port forwards.
Today at 05:44:33 AM #2
Quote from: keeka on January 23, 2026, 05:17:58 PMOne rule performs the NAT and the second permits the resulting traffic. With the previous system, it was a NAT port forward rule and a (potentially auto-managed) firewall rule.

I have not tried 26.1RC yet moto x3m. But I have a feeling, with the way I've set up NAT and FW under 25.7, a straight forward migration will not be possible. For example, the change in the priority of floating rules on single interfaces and the lack of auto/associated firewall rules for port forwards.


I've looked into this rule; it can disable the device if activated incorrectly.
Today at 07:24:11 AM #3
Quote from: Yudre on Today at 05:44:33 AMI've looked into this rule; it can disable the device if activated incorrectly.

What do you mean by this, what can be disabled?

What is the URL link about for "moto x3m", it wasn't in the post you quoted?
Today at 04:26:28 PM #4
Quote from: lmoore on Today at 07:24:11 AMWhat is the URL link about for "moto x3m", it wasn't in the post you quoted?
Lately there are more and more weird SPAMmers on the forum kicking old topics and posting URLs behind weird stuff like _____ at the end of a sentence and stuff like that... :(
Weird guy who likes everything Linux and *BSD on PC/Laptop/Tablet/Mobile and funny little ARM based boards :)
Print
Go Up Pages1
User actions