Port Forward suggestions

[jcoehoorn]

There have been a couple times now where my assistant has accidentally created an empty port forward rule at the top of the forwards list. Of course, this breaks our web site and every other external-facing service we have until we find and remove the bad rule. It's not that hard to do, but if we knew at the outset that this was the problem he wouldn't have left the rule hanging there in the first place.

I'm not excusing the mistake, but it did occur to me that one of a few steps could be taken to alleviate this:

1. Could we have the engine detect and ignore empty rules?

or

2. Could new rules be created at the bottom/end of the list by default instead of at the top, so that existing rules would still be processed?

I think #2 sounds like a the idea solution to me: if you want/need a new rule at the top, you can still move it, and it's a small thing, but for performance I'd like to have it process the high-volume rules first, and I think over time you're likely to get your "big" stuff in early and the additions that come in now and then are likely to be smaller exceptions.

[sky-knight]

My web site was taken offline last week due to the same issue. I would like an empty port forward rule to be so, EMPTY. Especially if the unit is in advanced mode. Somehow a rule that I canceled the creation of went "default" and moved TCP 80 to 1.2.3.4. Took me ages to sort out, and ended up on the phone with Richie because to be honest I had not even thought to look. I "canceled" the rule after all, it was never saved.

At very least can we have the "default rule" not involve TCP 80? Can we use some other less important port for an example?