Released 02/17/05
GUI and compilers v2.0.6 require API library libfwbuilder version 2.0.6
This release adds ability to print firewall rulesets
For those who wish to build from source, instructions are outlined in the document "Install and Build instructions" on our web site here
nat on eth1 proto {tcp udp icmp gre} from 192.168.1.0/24 to any -> 22.22.22.22
Taken from the bug report:
as it turned out, I can not fix this. You are trying to use Custom Service object to insert protocol list into a "nat" rule. Normally, a service object such as TCP or UDP service generates two components for any rule where it is used: a protocol specification and port specification (type/ code spec for ICMP). PF is sensitive to the order of parameters in the rule, in particular, protocol must be defined after interface but before src/dst addresses in the rule, while port numbers go after addresses. Compiler easily retrieves this information from IP, TCP, UDP and ICMP services and places it in a proper slots in the rule it generates. CustomService does not have a notion of protocol and parameters for it, so compiler puts a string that is configured in the CustomService in the place reserved for port numbers. This means you can not use CustomService to specify protocols.
There still was a bug in fwb_pf where it would print "custom_service" in place of protocol. This is fixed in 2.0.6 build 542. Protocols can not be inserted with Custom Service though.
Feature request #1111267 "CustomService should specify protocol and parameters for it" has been opened