Overview
Readers will learn how to reorder firewall and NAT rules on the EdgeRouter using both the Web UI and the Command Line (CLI).
 |
NOTES & REQUIREMENTS:
Applicable to the latest EdgeOS firmware on all EdgeRouter models. Please see the Related Articles below for more information.
|
Table of Contents
Reordering Using the Web UI
Firewall and NAT rules are matched in order of preference. Rules with a lower ID are matched before rules with a higher ID. We can leverage the EdgeRouter Web UI to change the order and influence which rules are matched first. Follow the steps below to re-order the rules:
 |
GUI: Access the EdgeRouter Web UI.
|
1. Navigate to the Firewall/NAT tab to modify the existing firewall policy.
Firewall/NAT > Firewall Policies > Policy Name > Actions > Edit
2. Drag and re-order the firewall rules to the desired order.
3. Save the new rule order.
NAT rules are re-ordered using a very similar method. Navigate to the Firewall/NAT > NAT tab and drag the rules to the desired order. Finally save the new rule order.
Reordering Using the Command Line (CLI)
NAT and firewall can be re-ordered from the CLI by using the rename command. Follow the steps below to re-order the rules:
 |
CLI: Access the Command Line Interface. You can do this using the CLI button in the GUI or by using a program such as PuTTY.
|
For firewall rules, edit the specific firewall configuration sub-tree to change the rule number:
configure
edit firewall name <name>
rename rule 10 to rule 20
exit
commit ; save
For NAT rules, edit the NAT configuration sub-tree to change the rule number:
configure
edit service nat
rename rule 5010 to rule 5020
exit
commit ; save
 |
NOTE: The CLI also allows you to rename the modify firewall rules that are used for Policy-Based routing and Load-Balancing.
|
Related Articles
Intro to Networking - How to Establish a Connection Using SSH
EdgeRouter - WAN Load-Balancing
EdgeRouter - Policy-Based Routing