[Solved] How can I forward a range of ports to a given Lan IP?

Hi there,

The port forwrding section allow to forward a single port to an IP. But let say I want to forward udp port 10000 to 20000 to lan ip x.x.x.x. Any way to achieve this ?

Thanks

first of all go to Gateway->Firewall Object -> Services
create service like RTP and acces port
then go to SSH
config set rtp service UDPPorts 4569,8000-20000,5036 status enabled access public
signal-event firewall-adjust
then return to web UI and go to Gateway->Firewall Rules
create rule and check RTP Service and internal Host
It is my way , coz WEB UI doesnot allow “-” in port range!

please, at all, Read The Fine Manual:

http://docs.nethserver.org/en/latest/firewall.html#port-forward

you can forward a port range using xxxx:yyyyy syntax

Thank you

or db portforward show and there you could edit , but i use first variant

in first release : was deprecated ! now this server on production , so i could not try !

The newest version of firewall show alert like an old one @zamboni :
Destination port
integer number

in this case it’s a documentation bug…

@alefattorini, it’s up to you

Thank you all guys for your advice.

Do you achieve the goal?

I will work on it tonight, but I believe XX:YY should work. Will let you know.

I’m always on work :wink:

1 Like

@jgjimenezs i know you are almoust genuis so tell me what
in /usr/share/nethesis/NethServer/Module/PortForward/Modify.php
$portRangeValidator = $this->createValidator()
->orValidator(
$this->createValidator()->integer()->greatThan(0)->lessThan(65535),
$this->createValidator()->regexp(’/^[0-9]+:[0-9]+$/’) #port range, no check on maximum value
);

but when i put there 8000:10000 it said to me “Destination port integer number”

So i have some Cure for BUG
edit /usr/share/nethesis/NethServer/Module/PortForward/Modify.php

   $portRangeValidator = $this->createValidator()
        ->orValidator(
            $this->createValidator()->integer()->greatThan(0)->lessThan(65535),
            $this->createValidator()->regexp('/^[0-9]+\:[0-9]+$/') 
        );
    $dstValidator = $this->createValidator()
        ->orValidator(
            $this->createValidator()->integer()->greatThan(0)->lessThan(65535),
            $this->createValidator()->regexp('/^[0-9]+\:[0-9]+$/')
        );

ater that You would be able to set port Range in WEB UI

like in Origin and DST ports 8000:10000
@filippo_carletti add this into next release please

I can’t reproduce the bug.
@Nas, do you have a github account? You could fork nethserver-firewall-base and submit a pull request.

1 Like

Yep i have made a fork on github @filippo_carletti

2 Likes

I finally tried this and got the same error you reported. So I am still unable to forward a range of ports.

So this is solved.
See: [Solved] Port range in order to firewall

@nas can I close the pull request?