diff -Naur RackTables-0.20.5-base/wwwroot/inc/database.php RackTables-0.20.5-dev/wwwroot/inc/database.php
--- RackTables-0.20.5-base/wwwroot/inc/database.php	2013-06-23 22:50:37.000000000 +0100
+++ RackTables-0.20.5-dev/wwwroot/inc/database.php	2013-07-30 09:51:57.794775524 +0100
@@ -4211,11 +4211,15 @@
 		throw new InvalidArgException ('localip_bin', $localip_bin, "Non-existant ip");
 	if (NULL === getIPv4AddressNetworkId ($remoteip_bin))
 		throw new InvalidArgException ('remoteip_bin', $remoteip_bin, "Non-existant ip");
-	if ( ($localport <= 0) or ($localport >= 65536) )
-		throw new InvalidArgException ('localport', $localport, "invaild port");
-	if ( ($remoteport <= 0) or ($remoteport >= 65536) )
-		throw new InvalidArgException ('remoteport', $remoteport, "invaild port");
-
+	if ( ($proto == "ALL") ) {
+		$localport =0;
+		$remoteport=0;
+	} else {
+		if ( ($localport <= 0) or ($localport >= 65536) )
+			throw new InvalidArgException ('localport', $localport, "invaild port");
+		if ( ($remoteport <= 0) or ($remoteport >= 65536) )
+			throw new InvalidArgException ('remoteport', $remoteport, "invaild port");
+	}
 	return usePreparedInsertBlade
 	(
 		'IPv4NAT',
diff -Naur RackTables-0.20.5-base/wwwroot/inc/interface.php RackTables-0.20.5-dev/wwwroot/inc/interface.php
--- RackTables-0.20.5-base/wwwroot/inc/interface.php	2013-06-23 22:50:37.000000000 +0100
+++ RackTables-0.20.5-dev/wwwroot/inc/interface.php	2013-07-11 14:51:34.854774817 +0100
@@ -3056,7 +3104,7 @@
 		echo "<tr align='center'><td>";
 		printImageHREF ('add', 'Add new NAT rule', TRUE);
 		echo '</td><td>';
-		printSelect (array ('TCP' => 'TCP', 'UDP' => 'UDP'), array ('name' => 'proto'));
+		printSelect (array ('TCP' => 'TCP', 'UDP' => 'UDP','ALL' => 'ALL'), array ('name' => 'proto'));
 		echo "<select name='localip' tabindex=1>";
 
 		foreach ($alloclist as $ip_bin => $alloc)
diff -Naur RackTables-0.20.5-base/wwwroot/inc/ophandlers.php RackTables-0.20.5-dev/wwwroot/inc/ophandlers.php
--- RackTables-0.20.5-base/wwwroot/inc/ophandlers.php	2013-06-23 22:50:37.000000000 +0100
+++ RackTables-0.20.5-dev/wwwroot/inc/ophandlers.php	2013-07-30 10:00:55.114778670 +0100
@@ -646,7 +646,10 @@
 	assertUIntArg ('object_id');
 	$localip_bin = assertIPv4Arg ('localip');
 	$remoteip_bin = assertIPv4Arg ('remoteip');
-	assertUIntArg ('localport');
+	if ($_REQUEST['proto'] != "ALL") {
+		assertUIntArg ('localport');
+		assertUIntArg ('remoteport'); // Originally missing
+	}
 	assertStringArg ('proto');
 	assertStringArg ('description', TRUE);
 	$remoteport = isset ($_REQUEST['remoteport']) ? $_REQUEST['remoteport'] : '';
@@ -673,8 +676,10 @@
 	assertUIntArg ('object_id');
 	$localip_bin = assertIPv4Arg ('localip');
 	$remoteip_bin = assertIPv4Arg ('remoteip');
-	assertUIntArg ('localport');
-	assertUIntArg ('remoteport');
+	if ($_REQUEST['proto'] != "ALL") {
+		assertUIntArg ('localport');
+		assertUIntArg ('remoteport');
+	}
 	assertStringArg ('proto');
 
 	deletePortForwarding
@@ -695,10 +700,12 @@
 	assertUIntArg ('object_id');
 	$localip_bin = assertIPv4Arg ('localip');
 	$remoteip_bin = assertIPv4Arg ('remoteip');
-	assertUIntArg ('localport');
-	assertUIntArg ('remoteport');
+	if ($_REQUEST['proto'] != "ALL") {
+		assertUIntArg ('localport');
+		assertUIntArg ('remoteport');
+	}
 	assertStringArg ('proto');
-	assertStringArg ('description');
+	assertStringArg ('description', TRUE);	// Updated to allow empty strings when updating.
 
 	updatePortForwarding
 	(