[Solved] How can I forward a range of ports to a given Lan IP?

dummies

#1

Hi there,

The port forwrding section allow to forward a single port to an IP. But let say I want to forward udp port 10000 to 20000 to lan ip x.x.x.x. Any way to achieve this ?

Thanks


[Solved] Port range in order to firewall
(Artem Fedai) #2

first of all go to Gateway->Firewall Object -> Services
create service like RTP and acces port
then go to SSH
config set rtp service UDPPorts 4569,8000-20000,5036 status enabled access public
signal-event firewall-adjust
then return to web UI and go to Gateway->Firewall Rules
create rule and check RTP Service and internal Host
It is my way , coz WEB UI doesnot allow “-” in port range!


(Stefano) #3

please, at all, Read The Fine Manual:

http://docs.nethserver.org/en/latest/firewall.html#port-forward

you can forward a port range using xxxx:yyyyy syntax

Thank you


(Artem Fedai) #4

or db portforward show and there you could edit , but i use first variant


(Artem Fedai) #5

in first release : was deprecated ! now this server on production , so i could not try !


(Artem Fedai) #6

The newest version of firewall show alert like an old one @zamboni :
Destination port
integer number


(Stefano) #7

in this case it’s a documentation bug…

@alefattorini, it’s up to you


#8

Thank you all guys for your advice.


(Artem Fedai) #9

Do you achieve the goal?


#10

I will work on it tonight, but I believe XX:YY should work. Will let you know.


(Artem Fedai) #11

I’m always on work :wink:


(Artem Fedai) #12

@jgjimenezs i know you are almoust genuis so tell me what
in /usr/share/nethesis/NethServer/Module/PortForward/Modify.php
$portRangeValidator = $this->createValidator()
->orValidator(
$this->createValidator()->integer()->greatThan(0)->lessThan(65535),
$this->createValidator()->regexp(’/^[0-9]+:[0-9]+$/’) #port range, no check on maximum value
);

but when i put there 8000:10000 it said to me “Destination port integer number”


(Artem Fedai) #13

So i have some Cure for BUG
edit /usr/share/nethesis/NethServer/Module/PortForward/Modify.php

   $portRangeValidator = $this->createValidator()
        ->orValidator(
            $this->createValidator()->integer()->greatThan(0)->lessThan(65535),
            $this->createValidator()->regexp('/^[0-9]+\:[0-9]+$/') 
        );
    $dstValidator = $this->createValidator()
        ->orValidator(
            $this->createValidator()->integer()->greatThan(0)->lessThan(65535),
            $this->createValidator()->regexp('/^[0-9]+\:[0-9]+$/')
        );

ater that You would be able to set port Range in WEB UI

like in Origin and DST ports 8000:10000
@filippo_carletti add this into next release please


(Filippo Carletti) #14

I can’t reproduce the bug.
@Nas, do you have a github account? You could fork nethserver-firewall-base and submit a pull request.


(Artem Fedai) #15

Yep i have made a fork on github @filippo_carletti


#16

I finally tried this and got the same error you reported. So I am still unable to forward a range of ports.


(Giacomo Sanchietti) #17

So this is solved.
See: [Solved] Port range in order to firewall

@nas can I close the pull request?