Firewall 'not' option

I’m looking for a way of cleaning up the list of firewall entries, for example if I wanted to block all inbound UDP traffic except ports 500, 4500, and 10000 I would have to create 4 rules saying ‘Deny’ on 1-499, 501-4499, 4501-9999, and 1001-65535.

Similarly, If I wanted to force our courtesy wifi (not a Peplink product) to use OpenDNS, somebody could get around the content filter by specifying their own DNS on their device. I want to be able to specify outbound rule “UDP,, not, deny”

I could span it over two lines going “UDP,,, allow” and “UDP,, any, deny” but it would be nice to put it in one line.


Look like you wish to control your inbound and outbound traffics. Can I suggest this way?


  1. UDP, Any:Any, Any:500, Allow
  2. UDP, Any:Any, Any:4500, Allow
  3. UDP, Any:Any, Any:10000, Allow
  4. Any, Any:Any, Any:Any, Deny (Default rule)


  1. UDP,,, Allow
  2. Any, Any:Any, Any:Any, Deny (Default rule)