pfSense English Support > Gaming

Problem using a Port Range in an Alias - Possible Bug?


I tried to set up one UDP and one TCP port aliases for one of my multiplayer games. Each alias I created has at least one single port and a port range entry.

After creating the aliases I tried using them in a NAT Port Forward and in an Outbound rule.

There were no errors upon saving the new rules but at the same time the rules did not work.

Previously the rules were set up without the aliases and worked as they should. I only tried using aliases to minimize the number of rules I was using.

Upon getting into my game, the game reported UDP port 27017 was closed. That port was in a port range used in the alias.

For the Port Forward, it is set to associate with a firewall rule. As I mentioned I also tried using an alias in the Port Forward rule. When I check the associated firewall rule it only shows the first Port used in the alias.

Is this normal behavior or have I stumbled onto a bug?

If it is normal behavior that would suggest what I did is not possible, so why did it let me save the NAT rules if it is not possible? Shouldn't I have instead received an error upon saving?

You'll have to post exactly what you actually did. Impossible to tell if what you did was valid or not from that description.


--- Quote from: Derelict on November 21, 2017, 05:21:22 pm ---You'll have to post exactly what you actually did. Impossible to tell if what you did was valid or not from that description.

--- End quote ---

Here are some screenshots. These will probably be more useful then trying to better explain.

Also, I do see a possible issue in the NAT Port Forward in relation to using the alias since the "Redirect target port" has only one port added.

Before trying the Alias in the Port Forward I had added the Alias to just the "Outbound". Keeping all of my Port Forwards as they were originally (with game working) and only using the Aliases for Outbound my game reported port 27017 as being closed.

Yeah, port ranges do not work like that. They are a 1:1. You can't forward multiple ports to one port like that with one rule.

You could use the same alias for the Destination ports and the NAT/Target ports, but you can't funnel a bunch of ports into one NAT port like that.

Redirect Target Port: The internal port where this traffic will be forwarded, and is usually the same as the external port as defined in Destination port range. If multiple ports in a range are used for the Destination port range, this is the starting port of the range as it must be the same size range.

ETA: Moving to gaming forum.


[0] Message Index

Go to full version