Overview
Readers will learn how to reorder firewall and NAT rules on the EdgeRouter using the web UI and command line.
NOTES & REQUIREMENTS:
Applicable to the latest EdgeOS firmware on all EdgeRouter models. Please see the Related Articles below for more information.
Device used in this article:
Reordering Using the Web UI
Firewall and NAT rules are matched in order of preference. Rules with a lower ID are matched before rules with a higher ID. We can leverage the EdgeRouter Web UI to change the order and influence which rules are matched first.
GUI: Access the Graphical User Interface (GUI).
- For the firewall rules, navigate to the Firewall/NAT > Firewall Policies tab and edit the firewall ruleset. Drag and reorder the rules and click on the button to save the new rule order.
- For the NAT rules, navigate to the Firewall/NAT > NAT tab to drag and reorder the rules. Click on the button to save the new rule order.
Reordering Using the Command Line
To reorder the firewall and NAT rules using the Command Line Interface (CLI), we can leverage the rename command.
CLI: Access the command line interface (CLI). You can do this using the CLI button in the GUI or by using a program such as PuTTY.
For firewall rules, edit the specific firewall configuration sub-tree to change the rule number:
configure
edit firewall name <name>
rename rule 10 to rule 20
exit
commit ; save
For NAT rules, edit the NAT configuration sub-tree to change the rule number:
configure
edit service nat
rename rule 5010 to rule 5020
exit
commit ; save
NOTE: The CLI also allows you to rename the modify firewall rules that are used for Policy-Based routing and Load-Balancing.
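Because lower IDs are matched first, putting two rules into a new order (for example swapping rule 10 and rule 20) takes more than one rename. The following added example, which is not part of the original article or of EdgeOS, plans a sequence of rename commands that never targets an ID still in use. It assumes that renaming onto an existing rule ID is rejected and that the scratch ID (9999 here) is unused and valid for the rule type; the function names and the ruleset name WAN_IN are hypothetical.

```python
def plan_renames(desired_order, start=10, step=10, scratch=9999):
    """Return 'rename rule A to rule B' commands that renumber the rules in
    desired_order (existing IDs, listed in the wanted match order) to
    start, start+step, ... without ever renaming onto an ID still in use."""
    target = {old: start + i * step for i, old in enumerate(desired_order)}
    if len(target) != len(desired_order):
        raise ValueError("duplicate rule ID in desired_order")
    if scratch in target or scratch in target.values():
        raise ValueError("scratch ID collides with a real rule ID")
    pending = {old: new for old, new in target.items() if old != new}
    occupied = set(desired_order)   # IDs that currently hold a rule
    cmds = []

    def move(src, dst):
        cmds.append(f"rename rule {src} to rule {dst}")
        occupied.discard(src)
        occupied.add(dst)

    while pending:
        free = [old for old, new in pending.items() if new not in occupied]
        if free:
            old = min(free)
            move(old, pending.pop(old))
        else:
            # Every remaining target is occupied: the moves form a cycle
            # (e.g. swapping 10 and 20). Park one rule on the scratch ID.
            old = min(pending)
            move(old, scratch)
            pending[scratch] = pending.pop(old)
    return cmds


def session(ruleset, desired_order, **kwargs):
    """Wrap the planned renames in the configure/commit steps shown above."""
    return (["configure", f"edit firewall name {ruleset}"]
            + plan_renames(desired_order, **kwargs)
            + ["exit", "commit ; save"])


if __name__ == "__main__":
    # Constructed input: rule 20 should be matched before rule 10.
    print("\n".join(session("WAN_IN", [20, 10])))
```

For NAT rules, replace the edit line with the one used in the NAT example above and pass a scratch ID that is valid for NAT rules on your device.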
Related Articles
Intro to Networking - How to Establish a Connection Using SSH