0 votes
Hi All,
There is currently an update to app-firewall in clearos-updates-testing which affects port forwarding if you have more than one LAN and we'd appreciate feedback. Currently, when you do a port forward, three firewall rules are created, a FORWARD rule and a DNAT rule which are both needed and an odd SNAT rule for traffic between LANs. This update removes the SNAT rule as I see no reason for it.

As a bit of background this is what the rule does. If you have LAN A at and LAN B at, without a port, forward traffic from will go directly to and will appear to come from If you have a port forward to, for some reason an SNAT rule is created so traffic from to will appear to as if it has come from This seems to be pointless and just clutters up the firewall with extra rules.

To install the update, please do:
yum update app-firewall --enablerepo=clearos-updates-testing

Please post any feedback to this thread.
Wednesday, May 19 2021, 11:21 AM
Share this post:
Responses (0)
  • There are no replies here yet.
Your Reply