Firewall/NAT

Ok, I'm sure I'm just missing something, but how can I allow a system on the LAN Subnet to access a specific service on the WAN?  I'm under the impression that "WAN Address" is the actual IP assigned to the M0n0wall WAN interface (as opposed to just any WAN address)..

Also, just in testing, I disabled the rule to allow LAN -> any and noticed that after I applied the configuration, while I could no longer access ports on nodes on the WAN/DMZ, pings would still go through.  Odd thing was that this happened only sometimes..other times, after applying the config, everything was stopped cold as expected.  Has anyone else experienced this?

Established connections are generally not broken when changing or adding rules. Go to Diagnostics | Reset state and see if that clears this up for you.

Sounds good - I will give it a try.  Thanks!