On 12/13/2013 8:20 AM, Chris Bagnall wrote: > On 13/12/13 1:12 pm, Jim Pingle wrote: >> * Don't use interface groups or multi-interface floating rules for WAN >> rule > > I stand corrected. You learn something new every day :-) > > As an aside, is there any way to 'fix' this? On a system with 4 or 5 > WANs, the ability to define inbound rules that apply to every WAN > interface would be extremely useful and save a great deal of duplication.
Not easily. We would have to internally separate that out into one rule for each interface individually using the expected gateway for each one in reply-to rather than using the group shortcuts that work fine for other rules. That may happen eventually, but we'd also need some sort of indication on the group or the rule that it should happen because it would not be good to do that for every rule unnecessarily. Jim _______________________________________________ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
