Can firewall rules refer (indirectly?) to the DHCP-assigned WAN address?

I have a port forwarding rule which I'd like to have trigger if the request arrives at either my DMZ or WAN interface. I would like to simply create two port forwards, one setting src_dip to the router's DMZ IP address, and the other setting src_dip to the router's WAN IP address. But since the router's WAN IP address is (re)assigned periodically by my ISP, I can't simply hardcode it in my firewall config. Is there a well-known workaround for this?

An alternative would be to create just a single port forward rule, and leave src_dip empty. But the port in question is 443. Creating such a "wildcard" rule causes all outbound requests for 443 anywhere on the web to be redirected through my rule.

My rule looks like this. Outbound https breaks if the last line (src_dip) is removed.

config redirect
        option target 'DNAT'
        option src 'dmz'
        option dest 'lan'
        option proto 'tcp'
        option src_dport '443'
        option dest_ip ''       # internal lan address
        option dest_port '20543'
        option src_dip ''         # router's DMZ address.

Yes there is. Just refer to the WAN or DMZ interface, respectively, with no IP.

I think you should make 2 rules.

I think your issue may be that you're referencing the server on its DMZ address in LAN. To fix that, you can also make a redirect rule to place the packet in the originating zone; it will then forward according to your firewall zone rules.
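
The two-rule layout discussed in this thread, written out as an added example (not posted by any participant). It assumes a firewall zone named 'wan' and a statically addressed DMZ interface; 192.168.1.10 and 192.168.2.1 are constructed placeholder addresses, and the rule names are hypothetical.

```uci
# /etc/config/firewall (fragment)
# Constructed placeholders:
#   192.168.1.10 = internal LAN server
#   192.168.2.1  = router's static address on the DMZ interface

# WAN side: the rule is bound to the zone, not to an address. Traffic
# entering through the wan zone on tcp/443 is inbound, so no src_dip is
# set and the DHCP-assigned WAN address never appears in the config.
config redirect
        option name 'https-from-wan'
        option target 'DNAT'
        option src 'wan'
        option dest 'lan'
        option proto 'tcp'
        option src_dport '443'
        option dest_ip '192.168.1.10'
        option dest_port '20543'

# DMZ side: DMZ hosts also send their own outbound tcp/443 through the
# router, so the match is narrowed to the router's DMZ address. That
# address is static, so hardcoding it here is safe.
config redirect
        option name 'https-from-dmz'
        option target 'DNAT'
        option src 'dmz'
        option src_dip '192.168.2.1'
        option dest 'lan'
        option proto 'tcp'
        option src_dport '443'
        option dest_ip '192.168.1.10'
        option dest_port '20543'
```

After reloading the firewall, check from a DMZ host that an outbound HTTPS request to an external site still reaches that site rather than the LAN server.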