Results 1 to 3 of 3
  1. #1
    Untangle Ninja jcoehoorn's Avatar
    Join Date
    Mar 2010
    Location
    York, NE
    Posts
    1,397

    Default Is this a valid IP match rule?

    I've been working on some setup for UPnP, building Deny rules for our existing port forwards, so a UPnP request can't accidentally override them. I came across a port forward rule for our phone/unified communication system with this info:

    - Destination Port=4000,5004-5070,5567,6004-7039,50098-50508

    Now I now you can use ranges. And I know you can use commas. But somewhere I've heard that you can't use both together. Is that still true? Because I also know I wrote that rule, and I'd like to think I knew was I was doing.

    I haven't heard any complaints, but hardly anyone here uses the UC software to it's full extent. I know that I at least have been using the Android app to check my voicemail. I don't think that could work if this rule wasn't parsed correctly, but again: I'm sure I remember reading this wasn't allowed.
    Last edited by jcoehoorn; 03-20-2017 at 02:46 PM.
    Five time Microsoft ASP.Net MVP managing a Lenovo RD330 / E5-2420 / 16GB with Untangle 13.1 to protect 700Mbits for ~400 residential college students and associated staff and faculty

  2. #2
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    16,597

    Default

    yes, its fine.
    https://wiki.untangle.com/index.php/IP_Matcher


    The limitation that you are probably thinking of is https://jira.untangle.com/browse/NGFW-5237
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untangle Ninja jcoehoorn's Avatar
    Join Date
    Mar 2010
    Location
    York, NE
    Posts
    1,397

    Default

    There was also a 1024 character rule at one time. This is well below that, but curious if it still matters.

    Also, for the UPnP rules, I have a number of external IP addresses. Can UPnP be limited to only certain addresses? Or it is automatic that only UPnP rules only apply to the NAT address of the client that requests them?
    Last edited by jcoehoorn; 03-20-2017 at 03:08 PM.
    Five time Microsoft ASP.Net MVP managing a Lenovo RD330 / E5-2420 / 16GB with Untangle 13.1 to protect 700Mbits for ~400 residential college students and associated staff and faculty

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2