Info Port forwarding rules not have to generate firewall rules

Currently reading
Info Port forwarding rules not have to generate firewall rules

fredbert

Moderator
NAS Support
Subscriber
5,121
2,072
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
  3. RT6600ax
  4. WRX560
Operating system
  1. macOS
Mobile operating system
  1. iOS
I just noticed the Setting button on the General tab of Network Center's Port Forwarding page.

Throwing caution to the wind I clicked it and found three options. Two are for UPnP and I have UPnP disabled, but the third, when enabled, will auto-generate firewall rules for the port-forwarders.

I would say that most times this is useful provided you normally want to accept any source IP communicating with the local destination. It's easy to add a restrictive rule and then an any/any/deny below it which will stop the auto-rule from being hit. Of my port-forwarders I've got one out of nine rules that I do this. But if you normally apply restrictions to port-forwarded service then disabling this Settings option is probably a good thing to keep the firewall policy clean.

I have lots of restriction rules at the top of my firewall policy that does the pre-filtering for all services.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

BUMP. This is pretty much the same as I tried to do, and can confirm the same result that it does not...
Replies
3
Views
1,957
The thread when the RT6600ax was announced. Much talk about the one 2.5 GbE port...
Replies
4
Views
408
Rusty - I appreciate you. To answer your questions, the VM is Ubuntu 22.04, and I don't usually get an...
Replies
4
Views
2,016
Just asking again if more in-depth information or rules are available than link posted. I keep creating...
Replies
1
Views
1,227
Now I'm not looking on my phone.... The best you can do is to split the single 192.168.1.0/24 subnet and...
Replies
6
Views
2,056
ofc you can test the rules when they're setup. Ping from any device to any device within your LAN - ping...
Replies
11
Views
1,309
Deleted member 5784
D
  • Question
@Gerard No port forwarding. No particular need as far as I know.
Replies
3
Views
1,704

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top