Looks like (at least on build 156) when setting up a Firewall: NAT forwarding rule using a range of ports, only the first port is used as the destination.
For example, I want to create a new rule to forward ports 5269 to 5271 to the internal client 192.168.0.2:
- In the "External port range" field I put in 5269 in the first box and 5271 in the second.
- In the "NAT IP" field I put 192.168.0.2
- In the "Local port" field I enter 5269.
- I click save and the corresponding Firewall rules to allow the traffic on this port range are created correctly.
The expected result is that the end port will be calculated automatically, so any traffic going to port 5270 will be redirected to 192.168.0.2:5270.
The actual result is that traffic destined for port 5270 is being redirected to 192.168.0.2:5269.
This can be demonstrated with netcat.
On 192.168.0.2, start up two netcat processes:
```
# nc -l 5270
```
```
# nc -l 5269
```
On an external client make the connection (X.X.X.X is the public IP of the t1n1wall):
```
nc X.X.X.X 5270
```
In the t1n1wall log, note the destination port:
```
Aug 1 02:57:32 <local0.info> stargate pfmon[86]: 02:57:31.881624 em0 @50 pass X.X.X.X,13376 -> 192.168.0.2,5269 PR tcp len 20 40 -S in match
```
On the external client, send some data:
```
nc X.X.X.X 5270
Test
```
The data is received on the netcat process listening on port 5269:
```
# nc -l 5270
```
```
# nc -l 5269
Test
```
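A scripted form of the netcat check above that covers every port in the range in one pass (an added example, not part of the original report). The function names and the `listen`/`check` command-line modes are made up for illustration: the listeners run on the internal host and report which local port accepted each connection, and `check_range` runs on the external client.

```python
import socket
import socketserver
import sys
import threading

class ReportPort(socketserver.BaseRequestHandler):
    def handle(self):
        # Reply with the local port that actually accepted the connection.
        port = self.request.getsockname()[1]
        self.request.sendall(f"{port}\n".encode())

def start_listeners(bind_ip, first_port, last_port):
    """Internal host: one listener per port in the forwarded range."""
    servers = []
    for port in range(first_port, last_port + 1):
        srv = socketserver.ThreadingTCPServer((bind_ip, port), ReportPort)
        srv.daemon_threads = True
        threading.Thread(target=srv.serve_forever, daemon=True).start()
        servers.append(srv)
    return servers

def probe(ip, port, timeout=3.0):
    """Return the port the listener reports, or None if nothing answered."""
    try:
        with socket.create_connection((ip, port), timeout=timeout) as s:
            return int(s.makefile("rb").readline().strip())
    except (OSError, ValueError):
        return None

def check_range(public_ip, ext_first, ext_last, local_first):
    """External client: list (ext_port, expected, actual) for every port
    whose traffic did not arrive on local_first + offset."""
    mismatches = []
    for ext_port in range(ext_first, ext_last + 1):
        expected = local_first + (ext_port - ext_first)
        actual = probe(public_ip, ext_port)
        if actual != expected:
            mismatches.append((ext_port, expected, actual))
    return mismatches

if __name__ == "__main__":
    # listen BIND_IP FIRST LAST   |   check PUBLIC_IP EXT_FIRST EXT_LAST LOCAL_FIRST
    mode, ip, nums = sys.argv[1], sys.argv[2], [int(n) for n in sys.argv[3:]]
    if mode == "listen":
        start_listeners(ip, *nums)
        threading.Event().wait()  # keep serving until interrupted
    else:
        for ext, want, got in check_range(ip, *nums):
            print(f"external {ext}: expected {want}, reached {got}")
```

An empty result from `check_range` means every external port landed on its matching local port; any port reported as reaching the first local port reproduces the behaviour described in this report.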