[ previous ] [ next ] [ threads ]
 
 From:  "=?ISO-8859-1?Q?G=FCnther=20Starnberger?=" <Guenther dot Starnberger at cs dot or dot at>
 To:  <mk at neon1 dot net>
 Cc:  <m0n0wall dash dev at lists dot m0n0 dot ch>
 Subject:  Antw: Re: [m0n0wall-dev] keep state and ICMP redirects
 Date:  Mon, 12 Jul 2004 08:19:17 +0200
Hi,

> I think I'll just change the filter rule generator to
unconditionally
> allow traffic between an interface's main subnet and the statically
> routed subnets defined for that same interface. Don't want another
> mostly useless and potentially very dangerous option that most users
> probably wouldn't be able to understand.

Ah - right - if there's a static route you don't need to check if
there's a firewall rule which belongs to it, because this rule would be
mostly useless anyway. Not only the traffic between the main subnet and
statically routed subnets, but also the traffic between any 2 statically
routed subnets with a gateway on the same subnet should be affected by
this problem.

Btw, is there a world-readable CVS repository of the code somewhere or
are the beta releases the only possibility to use new features?

cu
/gst