firewall4 icon indicating copy to clipboard operation
firewall4 copied to clipboard
verified publisher icon openwrt

ruleset: Add snat_port support for MASQUERADE

Open HSXX opened this issue 2 months ago • 4 comments

In a NAT444 dynamic IP environment where the ISP's BRAS uses Full-Cone NAT, limiting the MASQUERADE port range on OpenWrt can help prevent the number of sessions on the BRAS side from exceeding the limit. However, currently, if snat_port is configured in OpenWrt's NAT rules, the MASQUERADE rule fails to generate and produces an error. This modification ensures that MASQUERADE rules are correctly generated even when snat_port is specified.

HSXX avatar Oct 21 '25 11:10 HSXX

The code side is perfect. Please commit --amend ; push --force at least re-wording title (even it says everything there is) and adding S-o-b: which was likely wiped by githubs robots See here for more info, your commit message goes to git history. https://openwrt.org/submitting-patches#submission_guidelines

brada4 avatar Oct 21 '25 18:10 brada4

The code side is perfect. Please commit --amend ; push --force at least re-wording title (even it says everything there is) and adding S-o-b: which was likely wiped by githubs robots See here for more info, your commit message goes to git history. https://openwrt.org/submitting-patches#submission_guidelines

Done. Fixed commit message and added S-o-b.

HSXX avatar Oct 22 '25 13:10 HSXX

@jow- ?

brada4 avatar Oct 22 '25 13:10 brada4

It replaces:

  • https://github.com/openwrt/firewall4/pull/78

Neustradamus avatar Nov 05 '25 14:11 Neustradamus